Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Scammers are exploiting the death of Pope Francis to launch social engineering attacks, according to researchers at Check Point. The researchers note that threat actors often take advantage of high-profile tragedies and crises to exploit victims’ emotions. “They typically begin with disinformation campaigns on social media platforms like Instagram, TikTok, or Facebook, uploading fake images generated by AI,” the researchers write.

Technology is transforming the way financial scams operate, making them more sophisticated, automated, and harder to detect. From deepfake impersonations to cryptocurrency fraud and tech support scams, bad actors are leaving no stone unturned and are leveraging every advanced tool at their disposal to manipulate victims and steal their assets.

Imagine this: a customer clicks a paid search ad that looks exactly like your brand—same logo, same layout, even your brand tone. They enter their login credentials, maybe their payment details… and they’ve just handed everything over to a scammer. This is domain spoofing in 2025. And it’s scaling faster than most businesses are prepared for.

Right now, today, thousands of people are being tricked into going to their banks or credit unions to withdraw large sums of cash and will give or send it to a complete stranger, never to see it again. Many of the victims are in the prime of their lives, intelligent, and consider themselves to be of above-average ability in spotting scams and scammers.

On March 25, OpenAI introduced image generation for ChatGPT-4o and ChatGPT-4o mini. On March 31, it was announced that the tool was available for free to all users. Since then, users have quickly discovered that ChatGPT’s image generator can be manipulated to create fake receipts and forge other documents.

Before you click on that email or open that text message — is that really the United States Internal Revenue Service (IRS) or your tax provider? It may not be. BlueVoyant has identified dozens of websites impersonating the IRS, posing a risk to online users. These phishing sites likely aim to steal sensitive information by tricking users into believing they are interacting with the legitimate IRS website. Here are some examples of the phishing sites uncovered by BlueVoyant.

Scam losses in the Asia-Pacific region continue to escalate, positioning the area as a global testing ground for phishing innovations. Singapore’s recent implementation of the Shared Responsibility Framework (SRF) serves as a critical alert for enterprises: both regulators and customers are demanding heightened vigilance.