Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

knowbe4

FTC: Americans Lost $2.1 Billion to Social Media Scams Last Year

May 18, 2026 By KnowBe4 Team In KnowBe4
A new report from the US Federal Trade Commission (FTC) has found that Americans lost $2.1 billion in 2025 to scams that began on social media. Nearly 30% of people who reported losing money to a scam said it started on social media, far outpacing other modes of contact.
Read Post
securonix

Analyzing TAX#TRIDENT: Fake Indian Tax Lures Pivot Across ZIP, VBS, Stego and PHP-Wrapped VBS Delivery

May 18, 2026 By Chain 1: In Securonix
Securonix Threat Research tracks TAX#TRIDENT, an active fake Indian Income Tax-themed campaign that uses three delivery paths to reach Windows endpoints. The campaign starts with fake tax assessment lures and then moves victims toward ZIP files, VBScript downloaders, or PHP-looking web endpoints that actually return script content.
Read Post
The Best Platforms for Bot Management and Account Takeover Prevention in 2026

The Best Platforms for Bot Management and Account Takeover Prevention in 2026

May 18, 2026 By SecuritySenses In SecuritySenses
Online fraud is no longer a niche IT concern. Bots account for nearly half of all internet traffic, and account takeover attacks are costing businesses billions every year. Whether you're protecting a login page, an e-commerce checkout, or a marketing funnel, the platform you choose to defend your digital infrastructure matters enormously. This guide breaks down the top platforms across two categories: account takeover (ATO) prevention and bot management. Each list ranks solutions based on specialization, detection depth, and real-world effectiveness.
Read Post
memcyco

Regulation E and Digital Banking Fraud: What Financial Institutions Need to Know

May 15, 2026 By Ezra M. In Memcyco
Fake banking sites aren’t just a customer problem. CFPB guidance makes clear that when a fraudster obtains account access information through deception and uses it to initiate a covered EFT, the transfer may qualify as an unauthorized EFT under Regulation E. That means cloned login pages can create investigation obligations, provisional credit requirements, and reimbursement exposure for banks, even when the customer typed the password themselves.
Read Post
inetco

INETCO's Bijan Sanii on the threat every South African bank should be worried about

May 13, 2026 By Stacy Gorkoff In INETCO
Article by Luis Monzon originally published on MyBroadband, May 9, 2026. Anthropic’s AI model Mythos, part of its Claude software, represented a clear threat to banks and financial institutions in South Africa. This is according to Bijan Sanii, CEO of Canadian fraud detection provider INETCO. Anthropic, one of the world’s most important generative AI makers, positioned Mythos as an extremely capable AI model designed to identify vulnerabilities in critical software beyond human capabilities.
Read Post
memcyco

How to Reduce Time-to-Detect Fraud: Why Most Teams Are Already Too Late

May 8, 2026 By Ezra M. In Memcyco
ATO fraud cost US adults $15.6 billion in 2024, yet most fraud teams are still measuring detection time from the moment an alert fires, not from the moment an attacker starts building infrastructure. That gap is where the damage happens. To reduce time to detect fraud, teams need to move detection upstream, to Stage 1 and Stage 2 of the fraud lifecycle, before phishing sites go live and before a single credential is submitted. Faster transaction monitoring won’t close this gap.
Read Post
inetco

Are banks ready for AI-powered cyber threats?

May 7, 2026 By Joe Kitos In INETCO
A recent American Banker article, “Knock on wood: Are banks doing enough to cope with Mythos?” raises a timely and uncomfortable question about advanced AI models like Anthropic’s Claude Mythos. As highlighted in the article, INETCO CEO Bijan Sanii points out a critical truth: The conversation is being fueled by the emergence of AI technology capable of identifying software vulnerabilities at a speed and scale that was previously unimaginable.
Read Post
memcyco

How to Detect Account Takeover in Real-Time: Moving Beyond Login Alerts

May 6, 2026 By Ezra M. In Memcyco
Most enterprise fraud stacks are built to detect account takeover after it’s already succeeded. Login anomaly rules fire at authentication. Transaction models fire at monetization. By both points, the attacker is already inside. Knowing how to detect account takeover in real-time means shifting detection upstream – to behavioral signals, device trust, credential exposure feeds, and session integrity monitoring that activate before any fraudulent transaction is attempted.
Read Post
knowbe4

Attackers Continue to Pose as Help Desks in Social Engineering Attacks

May 6, 2026 By KnowBe4 Team In KnowBe4
Researchers at Google’s Threat Intelligence Group (GTIG) are tracking a new threat actor that’s impersonating help desks to trick users into installing malware. The threat actor, which GTIG tracks as “UNC6692,” begins by sending a large volume of spam emails to the victim, then initiates contact via Microsoft Teams to ostensibly help the user block the spam.
Read Post
memcyco

Preemptive Cybersecurity in Practice: Why Brand Impersonation Protection Can't Wait for the Takedown

May 6, 2026 By Ezra M. In Memcyco
Most brand impersonation protection programs are built around a process that starts after the damage is done. A fake site goes live. Customers land on it. Credentials get stolen. Then the takedown request goes in. That sequence isn’t a workflow problem. It’s an architectural one. Preemptive brand impersonation protection means intervening before credentials are entered, not after a cloned site is discovered.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.