%term

WhatsApp Scam

Mar 12, 2026 By KnowBe4 | Human Risk Management In KnowBe4

POV: You get that “I found your photo” WhatsApp message. It’s a trap! Scammers are sneaky: they don’t want your password, they want to link your account to their device. WhatsApp will never ask you to link a device just to view a photo. Always be sure to check linked devices and verify before clicking to stay safe.

View Video

KnowBe4

Read more about WhatsApp Scam

How Scammers Use Travel SIM Sales to Steal Identity Documents

Mar 12, 2026 By SecuritySenses In SecuritySenses

Most organisations spend serious money on firewalls, endpoint protection, and threat monitoring. Yet one of the most commonly exploited attack surfaces gets far less attention: the APIs quietly running underneath almost every modern application. APIs are the connective tissue of today's digital infrastructure. They allow apps to talk to each other, enable third-party integrations, and power the real-time data exchanges that businesses depend on daily. They are also a favourite target for attackers who know that many organisations have not secured them properly.

Read Post

SecuritySenses

Read more about How Scammers Use Travel SIM Sales to Steal Identity Documents

Persona Launches Candidate Verification to Stop Hiring Fraud Before Day One

Mar 11, 2026 By Persona In Persona

New solution brings workforce identity verification to the hiring stage, helping talent and security teams confirm who's really in the pipeline before access is ever granted.

Read Post

Persona

Read more about Persona Launches Candidate Verification to Stop Hiring Fraud Before Day One

What is Smishing in Cybersecurity and How to Prevent it?

Mar 11, 2026 By SafeAeon Inc. In SafeAeon

Cybercriminals are increasingly using sophisticated techniques such as smishing to exploit mobile users. Smishing is a type of scam conducted through SMS (Short Message Service). Attackers use this method to get people to give up private information or click on harmful links. This fraudulent method exploits the speed and trust people place in text messages by pretending to be a trusted organization, such as a bank or the government.

Read Post

SafeAeon

Read more about What is Smishing in Cybersecurity and How to Prevent it?

Introducing Persona's candidate verification solution: Stop AI-powered candidate fraud before it reaches your workforce

Mar 11, 2026 By Jenna Kim In Persona

Hiring has never been easy. But in the last year, it’s taken on an entirely new level of complexity. Fake candidates have become one of the most urgent problems facing HR, talent, and InfoSec teams alike. Today’s recruiters are flooded with AI-generated resumes that are nearly impossible to distinguish from legitimate candidates. When fake candidates make it to interviews, the tactics escalate with deepfakes used to impersonate people and proxy stand-ins for technical assessments.

Read Post

Persona

Read more about Introducing Persona's candidate verification solution: Stop AI-powered candidate fraud before it reaches your workforce

How AI Phone Scams Work (And What to Do If You're Affected)

Mar 11, 2026 By The Cyber Helpline In The Cyber Helpline

Phone scams are nothing new, but a recent report from National Trading Standards highlights a shift in how they work.

Read Post

The Cyber Helpline

Read more about How AI Phone Scams Work (And What to Do If You're Affected)

How to Detect Account Takeover Attempts in the First 5 Minutes

Mar 9, 2026 By Ezra M. In Memcyco

Most ATO detection tools are watching the wrong moment. Attackers don’t start at your login page – they start days earlier, registering lookalike domains, cloning your site, and harvesting credentials before your stack sees a single signal. Knowing how to detect account takeover means moving detection upstream: to the reconnaissance stage, the cloning event, and the live harvesting window. That’s where the attack is stoppable.

Read Post

Memcyco

Read more about How to Detect Account Takeover Attempts in the First 5 Minutes

Effective Account Takeover Mitigation Playbook: Real-Time ATO Response Framework

Mar 6, 2026 By Ezra M. In Memcyco

Account takeover mitigation is the process of detecting, containing, and preventing unauthorized access to user accounts before financial or reputational damage occurs. Effective mitigation depends on real-time detection, rapid response, and automated playbooks. Modern account takeover attacks execute in minutes. Credentials are harvested in real time through phishing, reverse proxy phishing, and man-in-the-middle techniques. Attackers often attempt login seconds after a user submits credentials.

Read Post

Memcyco

Read more about Effective Account Takeover Mitigation Playbook: Real-Time ATO Response Framework

Fake Calendar Invitations Move to Microsoft Outlook

Mar 6, 2026 By Roger Grimes In KnowBe4

Fake calendar invites have been a problem on Gmail for years. Even though they could appear on other calendar services, I hadn’t seen or read about a lot of it. Gmail had been taking the brunt of the fake calendar invites. However, I got a scam Microsoft Outlook calendar invite recently, and other Outlook users are complaining more as well. So, what was previously happening mostly in Gmail has now moved over to Outlook, too. I am a busy guy.

Read Post

KnowBe4

Read more about Fake Calendar Invitations Move to Microsoft Outlook

How to avoid the fake buyers flooding Facebook Marketplace

Mar 5, 2026 By Kristina Ohr In Avast

Avoid fake buyers on Facebook Marketplace. Discover common scam tactics, warning signs, and expert tips to stay safe when selling online. You just sold a stack of old books for $100 on Facebook Marketplace. The buyer seemed eager, messaged instantly, and offered to pay extra. Sounds too good to be true? It probably is. Learn how to spot fake buyers before you lose both your money and your stuff. The buyer seems interested, perhaps too interested.

Read Post