Reading view

↗️

How we test AI at ZDNET

✇ZDNet | security RSS
AI is the hottest topic in tech with new models and products launching daily. Here's how we test the latest AI developments at ZDNET.
  •  
  • ↗️
↗️

Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks

✇The Hacker News
By: Ravie Lakshmanan
Cybersecurity researchers are warning of two cybercrime groups that are carrying out "rapid, high-impact attacks" operating almost within the confines of SaaS environments, while leaving minimal traces of their actions. The clusters, Cordial Spider (aka BlackFile, CL-CRI-1116, O-UNC-045, and UNC6671) and Snarky Spider (aka O-UNC-025 and UNC6661), have been attributed to high-speed data theft and

  •  
  • ↗️
↗️

China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists

✇The Hacker News
By: Ravie Lakshmanan
Cybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across South, East, and Southeast Asia, along with one European government belonging to NATO. Trend Micro has attributed the activity to a threat activity cluster it tracks under the temporary designation SHADOW-EARTH-053. The adversarial collective is assessed to

  •  
  • ↗️
↗️

r/netsec monthly discussion & tool thread

✇/r/netsec - Information Security News & Discussion
By: /u/albinowax

Questions regarding netsec and discussion related directly to netsec are welcome here, as is sharing tool links.

Rules & Guidelines

  • Always maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.
  • Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.
  • If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.
  • Avoid use of memes. If you have something to say, say it with real words.
  • All discussions and questions should directly relate to netsec.
  • No tech support is to be requested or provided on r/netsec.

As always, the content & discussion guidelines should also be observed on r/netsec.

Feedback

Feedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.

submitted by /u/albinowax
[link] [comments]
  •  
  • ↗️
↗️

Ad Impersonation Scams and Record-Breaking Social Media Fraud Losses: This Week in Scams

✇McAfee Blogs
By: Brooke Seipel

You’re scrolling through Facebook or TikTok and see it. 

A flash sale from a brand you recognize. A limited-time investment opportunity. A job posting that promises quick money. 

The ad has comments. The account looks polished. Maybe someone you follow even liked it. 

So you click. 

From there, things move fast. You’re pushed to act quickly, enter your information, or send payment before the “deal” disappears. And just like that, the money is gone or your account is compromised. 

This isn’t an edge case anymore. According to new FTC data, nearly 30% of people who reported losing money to a scam in 2025 said it started on social media, with total losses hitting $2.1 billion. 

That’s why McAfee+ Advanced includes comprehensive protection designed to help you spot and stop scams at every step, including McAfee’s Scam Detector, which flags suspicious links and messages and explains why they may be risky, along with identity and privacy tools that help protect your information if a scam slips through. 

How Social Media Ad Scams Work 

A social media ad scam is when scammers use paid ads, fake profiles, or hijacked accounts on platforms like Facebook, Instagram, or TikTok to promote fake products, services, or investment opportunities in order to steal money or personal information. 

Step  What happens  What to do  How McAfee helps 
1  You see an ad, post, or DM promoting a deal, job, or investment  Don’t engage immediately, even if it looks legitimate  Scam Detector flags suspicious links and messages before you interact 
2  The ad links to a website or moves you into DMs  Avoid clicking unfamiliar links or continuing off-platform  Safe Browsing helps block risky or newly created websites 
3  You’re pressured to act quickly or “secure your spot”  Slow down and verify the company independently  Scam Detector explains urgency tactics and why they’re risky 
4  You’re asked to pay, share login info, or download something  Never send money or credentials based on a social media interaction  Identity Monitoring helps protect your personal data if exposed 
5  The product never arrives, the investment disappears, or your account is compromised  Report the scam and secure your accounts immediately  Personal Data Cleanup and monitoring help reduce ongoing exposure 

Red Flags To Watch For 

  • Deals that feel unusually cheap or urgent  
  • Ads linking to unfamiliar or slightly misspelled websites  
  • Requests to move conversations off-platform quickly  
  • Payment requests via apps, crypto, or wire transfer  
  • Accounts with limited history or inconsistent engagement  

And that is the first part of This Week in Scams! This Friday we’re taking a different format to talk about this new FTC data and all that it reveals.  

Let’s keep digging in: 

FTC Report: Social Media Scams Are Now The Most Costly Fraud Channel 

New data from the FTC shows just how dominant social media has become in the scam landscape. 

  • Social media scams drove $2.1 billion in reported losses in 2025  
  • Losses have increased eightfold since 2020  
  • Investment scams alone accounted for $1.1 billion of those losses 

Where Scams Are Happening And What’s Changing 

Category  What to know 
Most common scams  Shopping scams lead, with over 40% of victims reporting purchases from social media ads that never arrived 
Most costly scams  Investment scams drive the biggest losses, often starting with ads or group chats showing fake success 
What’s changing  Scammers are using platform tools like ads, targeting, and profile data to reach people more precisely than ever 

How Scams Play Out Across Platforms 

Platform  How scams typically start  What to watch for 
Facebook  Ads, Marketplace listings, hacked accounts  Fake stores, duplicate listings, urgent purchase pressure 
Instagram  Sponsored posts, influencer impersonation  “Limited drop” scams, fake brand collaborations 
TikTok  Ads, stolen videos/profiles, comment links, bio links,   “Get rich quick” schemes, external link funnels, reselling via TikTok 
WhatsApp  Group chats, investment communities  Fake testimonials, coordinated pressure to invest 

 How McAfee Protects You from Scams and Cyber Threats 

McAfee+ Advanced gives you multiple layers working together so you are not left figuring it out after the damage is done:   

  • Identity Monitoring alerts you if your personal info shows up where it should not, so you can act fast  
  • Personal Data Cleanup helps remove your information from data broker sites, making you harder to target in the first place  
  • Scam Detector flags suspicious texts, emails, links, and even deepfake videos before you engage  
  • Safe Browsing helps block risky sites if you do click  
  • Device Security helps detect malicious apps or downloads  
  • Secure VPN keeps your data private, especially on public Wi-Fi    

McAfee Safety Tips This Week 

Our advice based on this week’s scams and schemes: 

  • Treat social media ads like any other unknown source, not a trusted recommendation  
  • Pause before clicking, especially when urgency is involved  
  • Verify brands by going directly to their official website  
  • Avoid sending money or personal information through social media  
  • Use tools like Scam Detector to check suspicious links before engaging  

And we’ll be back next week with more scams making headlines.

The post Ad Impersonation Scams and Record-Breaking Social Media Fraud Losses: This Week in Scams appeared first on McAfee Blog.

  •  
  • ↗️
❌