Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Frequent flyer programs have long been a symbol of loyalty and reward in the airline industry. These programs are intended to reward travelers with benefits and encourage ongoing customer relationships. However, a growing and pervasive threat is lurking beneath the allure of free miles and exclusive perks: Frequent Flyer Miles fraud. At the last credible count in 2018, there were over 30 trillion unspent miles in circulation, according to McKinsey.

Fraud is a rampant threat to individuals and organizations worldwide and across all sectors. In order to protect against the dangers of fraud in its many forms, it is vital to stay in the loop on the latest fraud trends and the threat landscape. The Fraudscape 2024 report from Cifas, the UK’s Fraud Prevention Community, is an effort to share this information to help prevent fraud.

Scammers have leapt at the opportunity to exploit vulnerable UK residents by sending bogus messages telling them they need to take action to receive help with their winter heating bills. In July, the UK's new Labour Government announced that it was limiting who was eligible for assistance with their winter fuel bills by making eligibility means-tested.

Google Voice scams continue to pose a risk for users of this service. Scammers continuously attempt to lure users into divulging their verification PIN code. By stealing other people's Google Voice accounts, hackers and scammers impersonate their victims by luring others into fraudulent transactions. Scammers make millions per year using other people's Google Voice accounts. How should users protect their identification and PIN codes for bank accounts, travel sites, and Google Voice accounts?

You can spot Amazon scam emails if you realize the sender’s email address is not from the official Amazon domain, the message contains a generic greeting and your email service provider warns you that the message may be dangerous. According to data collected by the Federal Trade Commission (FTC), 34,000 reports were made in 2023 about scammers impersonating Amazon, resulting in approximately $19 million in losses.

Threat actors are abusing DocuSign’s API to send phony invoices that appear “strikingly authentic,” according to researchers at Wallarm. “Unlike traditional phishing scams that rely on deceptively crafted emails and malicious links, these incidents use genuine DocuSign accounts and templates to impersonate reputable companies, catching users and security tools off guard,” Wallarm says.

Cybercriminals are impersonating OpenAI in a widespread phishing campaign designed to trick users into handing over financial information. The emails inform users that a payment for their ChatGPT subscription was declined, inviting them to click a link in order to update their payment method. The phishing emails appear fairly convincing, but trained users could spot some red flags. The most obvious giveaway is that the emails were sent from “info@mtacom,” which is clearly unrelated to OpenAI.

If you’ve ever run an online ad campaign, be it through an advertising agency or in-house, there’s a very high chance that you, too, have fallen victim to undetected ad fraud. It’s not pleasant to hear, but your ad dollars often find their way into the pockets of cyber crooks. The costs of ad fraud are astronomical and continue to grow year after year. In Q1 of 2024, ad networks experienced an 18% click fraud rate across desktop web (26%), mobile web (15%), and mobile in-app (10%).