The article discusses the rising threat of digital fraud, driven by AI and sophisticated tactics like deepfakes. It emphasizes the need for businesses to adopt multi-layered verification strategies, leveraging technologies such as biometric authentication and machine learning to stay ahead of fraudsters.

Zimperium zLabs discovered over 760 Android apps misusing NFC and HCE to steal payment data, with a notable increase in attacks since April 2024. These malicious apps impersonate trusted institutions and operate through a command-and-control system, making detection difficult. Financial institutions and users need to be wary of unfamiliar apps requesting NFC access.

Revolut has launched an in-app feature that identifies phone calls from genuine agents versus scammers in real-time. With the rise of AI deepfakes, the company aims to protect users from impersonation scams, providing immediate warnings and guidance during potential fraud attempts.

On Black Friday, Visa reported blocking 280% more suspected fraudulent transactions in the UK compared to previous years. This reflects a stronger defense against fraud targeting shoppers during the holiday sales.

Coalition has expanded its cyber insurance policies to include coverage for incidents involving deepfakes, which can damage reputations or facilitate fraud. This includes support services for legal and crisis management related to deepfake content. While deepfake claims are currently rare, experts predict their use in cybercrime will rise in the near future.

A new report from Zimperium reveals a rise in NFC relay malware targeting Android users' tap-to-pay systems. Over 760 malicious apps have been found that impersonate legitimate banking applications to steal payment data and facilitate fraud. Users are advised to download apps only from the Google Play Store and stay vigilant against unknown payment requests.

Fraud Tools, Tactics, and Techniques (FT3) is a framework developed by Stripe to enhance understanding and response to fraudulent activities by documenting the tactics, techniques, and procedures used by fraudsters. It aims to help organizations identify security gaps, develop detection mechanisms, improve incident response, and foster collaboration within the fraud prevention community. Contributions from the community are encouraged to further the effectiveness of the framework.

Radar enhances user authentication security by automatically detecting and mitigating suspicious behavior through device fingerprinting and real-time analytics. It offers options to block or challenge authentication attempts based on various signals and provides detailed dashboards for monitoring and managing user activity. Additionally, Radar allows for custom configurations to adapt to specific security needs, ensuring legitimate users are not adversely affected during attacks.

A malicious PyPi package named 'disgrasya', which exploits WooCommerce stores to validate stolen credit cards, has been downloaded over 34,000 times before its removal. The package automates the process of card validation by simulating a checkout flow, making it difficult for fraud detection systems to identify. Mitigation strategies include blocking low-value orders and implementing CAPTCHA steps during checkout.

Binance, Coinbase, and several other major crypto exchanges have joined TRM Labs' new Beacon Network, aimed at combating cryptocurrency-related crime. The initiative involves collaboration with law enforcement to monitor and flag suspicious activities in real-time, enhancing consumer protection in the crypto ecosystem.

Authorities are cautioning the public about SMS "blaster" scams that facilitate the sending of fraudulent texts without needing personal phone numbers. A recent case involved a man jailed for over a year for using such a device to send messages impersonating trusted organizations, highlighting the growing threat of smishing attacks.

Mobile number hacking, particularly through SIM swap fraud, has become increasingly common, leading to significant financial losses for victims. Signs of a compromised mobile number include unexpected service issues and losing access to personal accounts. If you suspect your number has been hacked, it's crucial to contact your carrier, secure financial accounts, and take preventive measures against future attacks.

Plaid has enhanced its identity verification product to address the rising threat of fraud stemming from generative AI technologies. The update aims to bolster security measures and protect users from increasingly sophisticated fraudulent schemes that exploit AI capabilities.

Effective fraud teams leverage scattered data by transforming it into actionable insights through a signals-based approach. This guide outlines key questions to ask about risk signals, methods to detect AI-generated fraud, and best practices for designing a secure onboarding flow.

Scammers are impersonating employees of the FBI's Internet Crime Complaint Center (IC3) to trick fraud victims into providing personal information under the pretense of helping them recover lost funds. The FBI has reported over 100 instances of this tactic over the past two years, warning individuals to be cautious and not share sensitive information with unknown contacts online. They emphasize that IC3 employees do not reach out directly to victims or ask for payment for recovery services.