Consumer protection

US warns of rising senior health fraud as AI lifts scam sophistication

AI-driven fraud schemes are on the rise across the US health system, exposing older adults to increasing financial and personal risks. Officials say tens of billions in losses have already been uncovered this year. High medical use and limited digital literacy leave seniors particularly vulnerable.

Criminals rely on schemes such as phantom billing, upcoding and identity theft using Medicare numbers. Fraud spans home health, hospice care and medical equipment services. Authorities warn that the ageing population will deepen exposure and increase long-term harm.

AI has made scams harder to detect by enabling cloned voices, deepfakes and convincing documents. The tools help impersonate providers and personalise attacks at scale. Even cautious seniors may struggle to recognise false calls or messages.

Investigators are also using AI to counter fraud by spotting abnormal billing, scanning records for inconsistencies and flagging high-risk providers. Cross-checking data across clinics and pharmacies helps identify duplicate claims. Automated prompts can alert users to suspicious contacts.

Experts urge seniors to monitor statements, ignore unsolicited calls and avoid clicking unfamiliar links. They should verify official numbers, protect Medicare details and use strong login security. Suspicious activity should be reported to Medicare or to local fraud response teams.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Spain opens inquiry into Meta over privacy concerns

Prime Minister of Spain, Pedro Sánchez, has announced that an investigation will be launched against Meta following concerns over a possible large-scale violation of user privacy.

The company will be required to explain its conduct before the parliamentary committee on economy, trade and digital transformation instead of continuing to handle the issue privately.

Several research centres in Spain, Belgium and the Netherlands uncovered a concealed tracking tool used on Android devices for almost a year.

Their findings showed that web browsing data had been linked to identities on Facebook and Instagram even when users relied on incognito mode or a VPN.

The practice may have contravened key European rules such as the GDPR, the ePrivacy Directive, the Digital Markets Act and the Digital Services Act, while class action lawsuits are already underway in Germany, the US and Canada.

Pedro Sánchez explained that the investigation aims to clarify events, demand accountability from company leadership and defend any fundamental rights that might have been undermined.

He stressed that the law in Spain prevails over algorithms, platforms or corporate size, and those who infringe on rights will face consequences.

The prime minister also revealed a package of upcoming measures to counter four major threats in the digital environment. A plan that focuses on disinformation, child protection, hate speech and privacy defence instead of reactive or fragmented actions.

He argued that social media offers value yet has evolved into a space shaped by profit over well-being, where engagement incentives overshadow rights. He concluded that the sector needs to be rebuilt to restore social cohesion and democratic resilience.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Twitch is classified as age-restricted by the Australian regulator

Australia’s online safety regulator has moved to classify Twitch as an age-restricted social media platform after ruling that the service is centred on user interaction through livestreamed content.

The decision means Twitch must take reasonable steps to stop children under sixteen from creating accounts from 10 December instead of relying on its own internal checks.

Pinterest has been treated differently after eSafety found that its main purpose is image collection and idea curation instead of social interaction.

As a result, the platform will not be required to follow age-restriction rules. The regulator stressed that the courts hold the final say on whether a service is age-restricted. Yet, the assessments were carried out to support families and industry ahead of the December deadline.

The ruling places Twitch alongside earlier named platforms such as Facebook, Instagram, Kick, Reddit, Snapchat, Threads, TikTok, X and YouTube.

eSafety expects all companies operating in Australia to examine their legal responsibilities and has provided a self assessment tool to guide platforms that may fall under the social media minimum age requirements.

eSafety confirmed that assessments have been completed in stages to offer timely advice while reviews were still underway. The regulator added that no further assessments will be released before 10 December as preparations for compliance continue across the sector.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

US considers allowing Bitcoin tax payments

Americans may soon be able to pay federal taxes in Bitcoin under a new bill introduced in the House of Representatives. The proposal would send BTC tax payments straight into the US strategic reserve and spare taxpayers from capital gains reporting.

Representative Warren Davidson says that BTC tax payments allow the government to build an appreciating reserve without purchasing coins on the open market. He says that Bitcoin-based revenue strengthens the national position as the dollar continues to lose value due to inflation.

Supporters say the plan expands the reserve in a market-neutral way and signals a firmer national stance on Bitcoin adoption. They argue a dedicated reserve reduces the risk of future regulatory hostility and may push other countries to adopt similar strategies.

Critics warn that using seized or forfeited BTC to grow the reserve creates harmful incentives for enforcement agencies. Some commentators say civil asset forfeiture already needs reform, while others argue the reserve is still positive for Bitcoin’s long-term global position.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Binance Japan integrates PayPay Money for crypto

Binance Japan and PayPay have launched a new service that enables users to purchase crypto assets using PayPay Money and PayPay Points. The integration allows funds deposited from PayPay Money to be used directly for spot trading on Binance Japan.

Users can also withdraw proceeds from crypto sales back into their PayPay Balance. Previously, trading and withdrawals were restricted to Japanese yen transfers via domestic banks or external wallets.

The new system allows one-click deposits and withdrawals, starting from JPY 1,000.

The service works 24 hours a day, 365 days a year, offering a smoother trading experience for both mobile and web users. To activate the integration, users enable the linkage via the PayPay icon within Binance Japan’s trading platform.

The initiative reflects growing collaboration between PayPay and Binance Japan, aiming to enhance convenience and accessibility for both first-time traders and experienced users while expanding crypto adoption in Japan.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

AI use rises among Portuguese youth

A recent survey reveals that 38.7% of Portuguese individuals aged 16 to 74 used AI tools in the three months preceding the interview, primarily for personal purposes. Usage is particularly high among 16 to 24-year-olds (76.5%) and students (81.5%).

Internet access remains widespread, with 89.5% of residents going online recently. Nearly half (49.6%) placed orders online, primarily for clothing, footwear, and fashion accessories, while 74.2% accessed public service websites, often using a Citizen Card or Digital Mobile Key for authentication.

Digital skills are growing, with 59.2% of the population reaching basic or above basic levels. Young adults and tertiary-educated individuals show the highest digital proficiency, at 83.4% and 88.4% respectively.

Household internet penetration stands at 90.9%, predominantly via fixed connections.

Concerns about online safety are on the rise, as 45.2% of internet users reported encountering aggressive or discriminatory content, up from 35.5% in 2023. Reported issues include discrimination based on nationality, politics, and sexual identity.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

VPN credential theft emerges as top ransomware entry point

Cyber Express reports that compromised VPN credentials are now the most common method for ransomware attackers to gain entry. In Q3 2025, nearly half of all ransomware incidents began with valid, stolen VPN logins.

The analysis, based on data from Beazley Security (the insurance arm of Beazley), reveals that threat actors are increasingly exploiting remote access tools, rather than relying solely on software exploits or phishing.

Notably, VPN misuse accounted for more initial access than social engineering, supply chain attacks or remote desktop credential compromises.

One contributing factor is that many organisations do not enforce multi-factor authentication (MFA) or maintain strict access controls for VPN accounts. Cyber Express highlights that this situation underscores the ‘critical need’ for MFA and for firms to monitor for credential leaks on the dark web.

The report also mentions specific ransomware groups such as Akira, Qilin and INC, which are known to exploit compromised VPN credentials, often via brute-force attacks or credential stuffing.

From a digital-security policy standpoint, the trend has worrying implications. It shows how traditional perimeter security (like VPNs) is under pressure, and reinforces calls for zero-trust architectures, tighter access governance and proactive credentials-monitoring.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Popular Python AI library compromised to deliver malware

Security researchers have confirmed that the Ultralytics YOLO library was hijacked in a supply-chain attack, where attackers injected malicious code into the PyPI-published versions 8.3.41 and 8.3.42. When installed, these versions deployed the XMRig cryptominer.

The compromise stemmed from Ultralytics’ continuous-integration workflow: by exploiting GitHub Actions, the attackers manipulated the automated build process, bypassing review and injecting cryptocurrency mining malware.

The maintainers quickly removed the malicious versions and released a clean build (8.3.43); however, newer reports suggest that further suspicious versions may have appeared.

This incident illustrates the growing risk in AI library supply chains. As open-source AI frameworks become more widely used, attackers increasingly target their build systems to deliver malware, particularly cryptominers.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Italy closes Google probe after consent changes

Italy has closed its investigation into Google after the company agreed to adjust how it requests user consent for personal data use. Regulators had accused Google of presenting unclear and potentially misleading choices when connecting users to its services.

The authority said Google will now offer clearer explanations about how consent affects data processing. Updates will outline where personal information may be combined or used across the company’s wider service ecosystem.

Officials launched the probe in July 2024, arguing Google’s approach could amount to aggressive commercial practice. Revised consent flows were accepted as sufficient remedies, leading to the closure of the case without financial penalties.

The Italian competition regulator indicated that transparency improvements were central to compliance. Similar scrutiny continues across Europe as regulators assess how large technology firms obtain permission for extensive data handling.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Bangladesh unveils national roadmap for ethical AI development

Bangladesh has launched its first national AI Readiness Assessment Report to guide ethical, inclusive and rights-centred development of AI across public services.

The report was unveiled in Dhaka with representatives from government, international organisations, academia, civil society and the private sector. Officials described the assessment as a pivotal step as the country prepares for an increasingly AI-driven era.

The report outlines Bangladesh’s current strengths, including solid progress in e-government and high public trust in digital services, while also identifying areas requiring urgent attention.

Connectivity gaps, digital divides, limited computing capacity and the need for stronger data protection and cybersecurity remain key challenges. Policymakers noted that evidence-based decisions are essential as Bangladesh completes its National AI Policy.

International partners highlighted that the direction of AI development will depend heavily on choices made today. Strengthening digital infrastructure, improving skills, and building rights-driven governance structures were cited as central to ensuring AI benefits all communities.

Stakeholders also stressed the importance of using AI to improve services across health, education, justice and social protection without deepening existing inequalities.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!