Latest news with #emailfraud
Yahoo
7 days ago
- Yahoo
FTC Issues New Warning for All Cell Phone Users
The advent of technology brought with it plenty of positive influences on every day life, like allowing for instantaneous connectivity with friends and family. Unfortunately, it brought plenty of negatives along with it, like phishing scams. What Is a Phishing Scam? "Phishing schemes often use spoofing techniques to lure you in and get you to take the bait. These scams are designed to trick you into giving information to criminals that they shouldn't have access to," the FBI says. The FBI revealed how to identify a phishing scam, saying users "might receive an email that appears to be from a legitimate business" and asks said user to update or verify their personal information by replying to the email or visiting a website. "But once you click on that link, you're sent to a spoofed website that might look nearly identical to the real thing—like your bank or credit card site—and asked to enter sensitive information like passwords, credit card numbers, banking PINs, etc. These fake websites are used solely to steal your information," the FBI warned. A New Phishing Scam Uses Amazon to Fool Cell Phone Users Late last month the Federal Trade Commission issued a new warning to cell phone users revealing scammers are pretending to be Amazon by sending text messages claiming there's a problem with an item they bought with a refund link attached. "You get an unexpected text that looks like it's from Amazon. It claims the company did a 'routine quality inspection' and an item you recently bought doesn't meet Amazon's standards or has been recalled," the FTC said, explaining the new phishing attack. "The text offers you a full refund and says you don't need to return the item — as long as you click a link to request your money back. But there is no refund. Instead, it's a phishing scam to steal your money or personal information." How to Avoid the Scam The FTC offered a number of different ways to help avoid the scam or what to do if you've received such a text. Don't click links in unexpected texts — and don't respond to them. If you think the message could be legit, contact the company using a phone number, email, or website you know is real — not the info from the text. Check your Amazon account. If you're worried, log in through the Amazon website or app — don't use the link in the text — to see if there's a problem with or recall on anything you've ordered. Send unwanted texts to 7726 (SPAM) or use your phone's 'report junk' option. Once you've reported it, delete the Issues New Warning for All Cell Phone Users first appeared on Men's Journal on Aug 7, 2025 Solve the daily Crossword
Zawya
12-06-2025
- Business
- Zawya
Proofpoint research UAE travel brands are taking proactive steps to defend customers from fraudulent emails
Dubai, United Arab Emirates – Proofpoint, Inc., a leading cybersecurity and compliance company, today released new research revealing that 85% of the top online travel sites* in the UAE have adopted Domain-based Message Authentication, Reporting and Conformance (DMARC), a key email security protocol that helps protect users from email fraud. However, only 45% of these sites have implemented it at the highest enforcement level of 'reject,' which actively blocks unauthorised emails from reaching inboxes. The findings are based on a DMARC adoption analysis of the top 20 online travel sites in the UAE, and across Europe and the Middle East. DMARC is an email validation protocol designed to protect domain names from being misused by cybercriminals. It authenticates the sender's identity before allowing a message to reach its intended destination. DMARC has three levels of protection – monitor, quarantine and reject, with reject being the most secure for preventing suspicious emails from reaching the inbox. With travel demand in the UAE continuing to rise, a recent KPMG study found that 77% of UAE travellers use mobile apps or hotel booking services, increasing the volume of digital interactions between consumers and travel brands. But as consumers eagerly plan and book their getaways, this surge in activity – coupled with a high volume of emails and promotional offers from travel companies – creates a perfect storm for cybercriminals, turning dream holidays into costly scams through sophisticated email fraud. Key findings include: The UAE demonstrates stronger foundational email security adoption compared to its European counterparts, with 85% of the top travel sites publishing a DMARC record, reflecting growing awareness of cybersecurity best practices across the country's travel sector. However, there is room for improvement with only 45% of the UAE's top travel sites using the policy at 'reject' level, meaning 55% are leaving their customers, staff, and partners more vulnerable to receiving fraudulent emails impersonating these brands. On average, 88% of the top travel websites across Europe and the Middle East have published a basic DMARC record. However, only 46% of all travel sites analysed are at reject, meaning 54% of the top travel sites across the regions are leaving customers at risk of email fraud. 'Holiday bookings often represent a significant number of high-value financial transactions and bring experiences of high personal and emotional value; this combination makes travellers prime targets for cybercriminals. Attackers actively use sophisticated email fraud, especially during peak holiday season, to exploit vulnerabilities,' says Matt Cooke, cybersecurity strategist, Proofpoint. 'Fake booking confirmations, too-good-to-be-true deals, and urgent payment requests for supposed flight changes are common tactics. These fraudulent communications can appear highly convincing, putting travellers' finances and personal data at risk.' "Travel companies bear a social responsibility to do everything they can to stop convincing scam emails being sent in their name, to holidaymakers,' continues Cooke. 'Implementing DMARC technology to its fullest level of 'reject' allows travel companies to massively reduce the risk of that happening, protecting both their brand and all of the holidaymakers at the same time., it's a win-win." Proofpoint advises consumers to follow these tips to stay safe when booking and managing travel online: Secure your bookings – and your accounts. Use strong, unique passwords for travel accounts and booking sites. Enable multi-factor authentication (MFA) wherever possible to add an extra layer of security. Watch out for fake travel deals – and websites. Be wary of unsolicited offers that seem too good to be true. Scammers create convincing fake websites for airlines, hotels, or comparison sites to steal money and credentials. Always book through official sites or reputable, verified agents. Navigate away from phishing trips – and smishing scams. Stay alert to phishing emails or smishing (SMS phishing) messages regarding flight changes, booking confirmations, or visa applications that demand urgent action or personal details. These often lead to fake login pages designed to capture your information. Don't get detoured by suspicious links. Avoid clicking directly on links in unsolicited emails, social media messages, or pop-up ads, especially for special offers or urgent alerts. Instead, type the official website address directly into your browser. Check reviews before You book. Fraudulent travel offers, websites, and apps can look deceptively genuine. Before providing payment details or downloading a new travel app, invest time in researching the company, reading independent online reviews, and checking for customer complaints. Methodology: *This analysis of DMARC adoption among the top 20 online travel sites per market in the UK, Italy, France, Germany, Spain, Benelux, UAE and KSA (as identified by data from Semrush, ecommerce Italia, Fevad, Statista, Ocu, SimilarWeb) was conducted in May 2025. About Proofpoint, Inc. Proofpoint, Inc. is a leading cybersecurity and compliance company that protects organisations' greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Leading organisations of all sizes, including 85 percent of the Fortune 100, rely on Proofpoint for people-centric security and compliance solutions that mitigate their most critical risks across email, the cloud, social media, and the web.
The Sun
12-05-2025
- Business
- The Sun
All PayPal users warned their banks risk being emptied instantly as experts reveal costly ‘one-click' account mistake
Sean Keach, Head of Technology and Science Published: Invalid Date, ANYONE with a PayPal account needs to watch out for a dastardly email that could empty your bank account in seconds. Security professionals have warned about a "dramatic spike" in the costly criminal scheme. Experts say scammers have "evolved their tactics", warning over a series of devastatingly effective scam emails that could turn up in your email inbox. These messages are highly convincing, look just like official PayPal messages, and raid your profile in just "one click". Security giant McAfee says it has tracked a "dramatic seven-fold increase" in this type of scam since January. And PayPal has become a "prime target for cybercriminals looking to steal personal information and money", McAfee's Abhishek Karnik explained. One of the main email types is headlined with "Action Required". This demands that you update your profile details urgently – usually within 48 hours – or your account risks being banned. It'll warn that PayPal has previously tried to contact you, and says you'll be locked out of your account if you don't reply. McAfee says that this particular scam campaign is focusing on email – rather than text or social media. Another kind of "real-world" scam that McAfee has seen is a promise of a reward. One email says you can bag a cash gift for completing a short survey. Deepfakes more 'sophisticated' and dangerous than ever as AI expert warns of six upgrades that let them trick your eyes In both cases, you click through – and then you're at the mercy of the crooks. There's no account problem or cash reward. Instead, you end up handing your log-in details to crooks when you sign in or fill in details. That can give criminals blanket access to your PayPal account, allowing them to steal your info and even funds. The security experts warned that there are four other types of PayPal scam email that might turn up, all with similarly costly outcomes. They include: Fake PayPayl gift card offers Phoney invoices for purchases Customer support scams (including billing issues) Fake payment requests or confirmations Thankfully it's easy to stay safe by following some simple rules. "Never click links in emails or texts claiming to be from PayPal," Karnik explained. TURN TWO-STEP VERIFICATION ON FOR PAYPAL Here's how to enable this important security feature... "PayPal's 2-step verification (two-factor authentication) gives you an extra layer of security when accessing your account," PayPal explains. "This process can only be done through your web browser and not through the PayPal App. "You can set up 2-step verification using an authenticator app (like Google authenticator and Microsoft authenticator)." Log in to PayPal, then choose the Settings option. Now go to Security > Set Up (next to 2-step Verification). Choose how to get a code – for instance, via an authenticator app. Then click Set It Up and follow the instructions. Picture Credit: PayPal 4 "Instead, open a new browser window and log in directly at or use the official PayPal app to check for notifications. "If you need to contact PayPal support, use only the official contact methods listed on their website." Karnik also added: "Legitimate companies don't typically threaten immediate account closure or demand urgent action within short timeframes like 28 hours." McAfee recommended that all PayPal users turn on two-factor authentication, meaning you'll need a code to log in to your account in addition to a password.
