While there are an estimated 30,000 daily cyber attacks on business websites, there are roughly ten times as many attacks against social media accounts every single day, equating to roughly 1.4 billion accounts every month. Social media attacks and scams have become pervasive problems, with threat actors finding innovative new ways to deceive users and steal their information.

New data from the U.K.’s Office of National Statistics shows that this often overlooked scam has grown significantly in interest – likely because it pays off. If you’re not familiar with this kind of scam, it’s pretty simple: the scammer presents the victim with an opportunity for a grant, a prize – something of value – but requires a small payment up front (often called a processing fee, etc.).

Auditors and other anti-fraud professionals have fresh guidance this week on how to manage fraud risk, with an emphasis on data analytics, internal reporting hotlines, and discussion of how effective fraud risk management can deter fraudsters from trying their schemes in the first place. Said guidance comes from COSO and the Association of Certified Fraud Examiners, who released the document earlier this week.

For many financial institutions and retail businesses, there is a need to balance the risks associated with payment fraud and advanced persistent threats against the economic imperative to provide excellent customer experiences in a competitive market. When good users are mistakenly flagged as fraudsters and can’t access payment services, customers get angry and brands lose revenue. These false declines result in lost customers, damaged reputation and lower revenue.

As fraud continues to grow in prevalence, SecOps teams are increasingly investing in fraud prevention capabilities to protect themselves and their customers. One approach that’s proved reliable is the use of log analytics and telemetry data for fraud prevention. By collecting and analyzing data from various sources, including server logs, network traffic, and user behavior, enterprise SecOps teams can identify patterns and anomalies in real time that may indicate fraudulent activity.

Researchers at Group-IB have found an extensive campaign in which criminal operators have created a large number of fake Facebook profiles that repost messages in which the scammers misrepresent themselves as tech support personnel from Meta (Facebook’s corporate parent). Researchers discovered some 3200 bogus profiles in twenty-three languages. By far most of the profiles were created in English, more than 90%, followed by Mongolian (2.5%), Arabic (2.3%), Italian (0.8%), and Khmer (0.6%).

Texting has taken over the global communication space; marketers and predators are seeing huge dollar signs. Email continues to be a reliable, but somewhat fraught with problems, alternative form of communication. In fact, the average user interacts, sends, and receives 25% more texts than email, and usage is skyrocketing. Most electronic device users have loads more unopened emails than texts.

A FBI bulletin highlights a new twist in the sextortion game: companies claiming to assist with addressing sextortion who use deceptive social engineering tactics to coerce victims into paying huge fees.

Harding, Shymanski, and Company is a major accounting firm that works with customers providing them with tax help and other financial services. The company recently suffered from a data breach that exposed many of its clients and led to fraudulent tax filings for the 2022 tax year. The company employs more than 142 people and has an approximate annual revenue of $28 million. A large number of individuals were impacted by this very serious data breach.

Read also: Bitrue crypto platform hacked for $23 million, Ryuk crypto broker sentenced to no jail time, and more.