#impersonations

#impersonations

Scams involving antiques and collectibles are almost as old as some of the items. But internet sales now mean fraudsters have a much wider audience.

British identity packages, including an ID scan, a selfie, and a dossier of personal data, can be purchased by criminals on the dark web for as little as 30, new research suggests. As identity theft continues to rise, experts have discovered the sale of national identity documents, driving licences, credit card details and 2,000 UK frequent traveller passports. The information can be exploited in multiple ways and used to apply for credit cards, mortgages, car loans, or to open bank accounts.

Tools to create tailored, even personalised, scams leveraging, for example, deepfake videos of Swedish journalists or the president of Cyprus are no longer niche, but inexpensive and easy to deploy at scale, said the analysis from the AI Incident Database. It catalogued more than a dozen recent examples of impersonation for profit, including a deepfake video of Western Australia's premier, Robert Cook, hawking an investment scheme, and deepfake doctors promoting skin creams.

"The buttons that he's telling me to push are not there. I don't use Zoom often so I'm feeling frustrated thinking that I don't know what I'm doing. He's getting frustrated, and he says, 'OK, let's just switch the Zoom call to your phone,'" Stotts said.

The email seen by at least some customers of the Emma email platform was a phishing scam. Hackers hoped to inspire instant panic with the words, 'As part of our commitment to supporting U.S. Immigration and Customs Enforcement (ICE), we will be adding a Support ICE donation button to the footer of every email sent through our platform.'

Tycoon 2FA, a Phishing-as-a-Service (PhaaS) platform, enabled thousands of cybercriminals to steal login credentials and session tokens. Even accounts secured with MFA could be compromised via a single email. The service had been active since at least 2023 and quickly grew to become one of the most widely used phishing platforms in the world.

Impostors are impersonating our reporters to extract sensitive business information from unsuspecting targets. In several cases we know about, scammers have adopted the identity of actual staff members, crafting what looks like a standard media inquiry about a company's products and requesting an introductory call.

Security researchers have discovered a live infection in which an infostealer has stolen the configuration files of an OpenClaw AI agent. The attack was carried out through a broad file-theft routine that automatically searched for sensitive file extensions and specific folder names, including .openclaw. The malware was not specifically designed for OpenClaw; it arose by chance from capturing the operational context of the victim's AI assistant. What makes the attack particularly serious is the combination of stolen data.

The Guardian has identified at least 150 Telegram channels large encrypted group chats popular for their secure communication that appear to have users in many countries, from the UK to Brazil, China to Nigeria, Russia to India. Some of them offer nudified photos or videos for a fee: users can upload a photo of any woman, and AI will produce a video of that woman performing sexual acts.