Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

An increasing number of people are reporting receiving text messages about unpaid tolls. Although some of these messages are legitimate, fraudsters are now using this tactic to trick unsuspecting individuals into sharing personal information or making fraudulent payments. Typically, these scam messages create a sense of urgency, pressuring recipients to act quickly before verifying the claim.

Researchers at Google have published a report on the latest scam trends, noting an increase in travel-themed scams targeting people preparing for their summer vacations. “Ahead of the summer vacation season, our teams have observed a spike in travel scams,” the researchers write. “Fake travel websites lure users into booking travel with a promise of ‘too good to be true’ prices, experiences, or discounts.

Card fraud is escalating at an alarming rate, with no signs of slowing down. In a world where digital payments have become the norm, almost everyone, consumers, businesses, and financial institutions, finds themselves at risk. The convenience of card payments has made them an essential part of daily life, but it has also paved the way for sophisticated fraud schemes. For businesses, the stakes are even higher.

Arctic Wolf has recently observed customers receiving unsolicited Microsoft multi-factor authentication (MFA) text messages. These messages originate from legitimate Microsoft short code numbers; however, the source and intent have not been confirmed. This issue appears widespread, affecting organizations across multiple industry verticals. Example of Text Message It is currently unclear whether this activity is due to a systemic issue on Microsoft’s side or part of a malicious campaign.

Botnets have become a core part of the infrastructure in today’s cybercrime ecosystem — not just as enablers of disruption, but as purpose-built networks engineered for profit, stealth, and scalability. Built from large networks of compromised devices and rented out via criminal marketplaces, botnets are now essential as-a-service components of any cyberfraudster’s toolkit. While the concept of a botnet is not new, their construction, use cases, and value have certainly advanced.

A KnowBe4 co-worker of mine recently got this SMS phishing message (i.e., smish). They quickly identified it as a social engineering attack and shared it on our internal communication channel for sharing such things. I have had more and more of these types of similar smishes occurring over the last few months. It is an attempt to trick someone into worrying that their Gemini, Gmail, Microsoft, Instagram…or whatever account…is in the middle of being compromised and you need to react NOW! NOW!

When it comes to the stress of dealing with eCommerce scams, digital business teams don’t need reminding. But the current and projected cost of eCommerce fraud is truly staggering. A study by Juniper Research, a leader in fintech insights, forecasts that eCommerce fraud is set to leap from $44.3 billion in 2024 to $107 billion by 2029. That’s stomach-churning 141% jump. Needless to say, eCommerce fraud prevention has never been a more pressing goal.