Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cyber-enabled crimes cost Americans nearly $21 billion in 2025, a 26% increase from the previous year, according to the FBI’s latest Internet Crime Report. Phishing, extortion, and investment scams were the most commonly reported attacks, with AI-related scams driving some of the costliest losses. Phishing was the top attack vector, with these attacks leading to more than $215 million in losses. Notably, AI-assisted business email compromise (BEC) attacks cost victims more than $30 million.

Scams are becoming more sophisticated over time, but this latest scam should be a wake-up call to all organizations and employees as to how far some scammers will go to damage your organization or its stakeholders. On March 31, 2026, malicious hackers hijacked the development account of a lead maintainer of a popular open source product called Axios used by many companies. It has over 100 million downloads a week. Note: The Axios involved here is not Axios, the news media company.

Most MITM attacks don’t announce themselves. No alerts fire, no certificates visibly break, and no users report anything unusual. By the time the interception is discovered, credentials or session tokens are already in attacker hands. Knowing how to detect man-in-the-middle attacks requires looking across multiple layers: network traffic, DNS resolution, TLS certificate integrity, and session behavior.

QR code phishing is a social engineering attack that embeds malicious URLs inside QR code images delivered through email. Because the payload lives inside an image — not in a clickable link or plain text — legacy secure email gateways (SEGs) never see it. The email passes inspection. The user scans the code with their phone. And the attack moves from a protected corporate desktop to an unmanaged mobile device outside your security perimeter.

Razorthorn has worked with wide range of technically savvy clients who are confident they would spot a fake, but confidence is exactly what makes deepfake fraud so effective. In 2024, a finance manager at engineering firm Arup transferred $25 million to fraudsters after taking part in a video call with what appeared to be his CFO and several colleagues. Every person on that call was fabricated. None of it was real.

As of 2026, Memcyco maintains active certifications across ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, and SOC 2 Type II (AICPA). These certifications confirm that Memcyco maintains independently audited processes for managing information security, securing cloud environments, and protecting sensitive data.

Remote desktop takeover scams are not difficult because attackers bypass controls. They are difficult because, by the time controls engage, the session already appears legitimate. Security teams are used to thinking about compromise in terms of malware, credentials, or infrastructure exposure. Remote access scams break that model. The attacker does not need to break in. They are invited in, then operate within a session that uses the same access and permissions as the legitimate user.

INETCO has been named Best Online Fraud Detection & Cyber Security Software 2026 by Corporate Vision in the Canadian Business Awards. This recognition highlights the real world impact our customers are making to prevent payment fraud and strengthen cyber resiliency across global payment ecosystems.