OpenAI reports cybercriminals are increasingly using its AI models to generate fake content aimed at influencing elections. The startup has neutralised over 20 attempts this year, including accounts producing articles on the US elections. Several accounts from Rwanda were banned in July for similar activities related to elections in that country.
The company confirmed that none of these attempts succeeded in generating viral engagement or reaching sustainable audiences. However, the use of AI in election interference remains a growing concern, especially as the US approaches its presidential elections. The US Department of Homeland Security also warns of foreign nations attempting to spread misinformation using AI tools.
As OpenAI strengthens its global position, the rise in election manipulation efforts underscores the critical need for heightened vigilance. The company recently completed a $6.6 billion funding round, further securing its status as one of the most valuable private firms.
ChatGPT continues to see rapid growth, boasting 250 million weekly active users since launching in November 2022, emphasising the platform’s widespread influence.
A recent Microsoft support scam nearly cost a Washington DC couple $14,000 after they lost access to their email. Searching Google for help, they unknowingly called a scammer posing as a legitimate technician. The scammer claimed there was suspicious activity on their account and used scare tactics to convince them to give remote access to their computer.
The situation escalated when the scammer claimed a crooked bank employee was involved in leaking information. He suggested setting up a sting operation to catch the suspect. The couple, sensing something was off, cut off contact before any financial loss occurred.
Fake Microsoft support pages often appear in search results, luring users into thinking they’re contacting real customer service. Scammers then use panic-inducing language to access sensitive information. Victims like Bob unknowingly grant access, putting personal and financial data at risk.
To avoid falling victim to such scams, users should rely only on official Microsoft contact details. Verifying sources, installing strong antivirus software, and recognising red flags can prevent these sophisticated attacks.
Zoom plans to roll out custom AI avatars by 2025, offering users a photorealistic digital clone that can replicate head and arm movements. Users will be able to script what their avatar says, with audio synced to lip movements, making it a potential game-changer for asynchronous workplace communication.
The company sees these avatars as a time-saving tool, particularly for those needing to scale video content creation. Despite the promising benefits, questions remain about how Zoom will prevent misuse of this technology, particularly in light of growing concerns around deepfakes. Many fear these digital avatars could be used maliciously to impersonate others or spread disinformation.
Zoom has announced some safety measures, such as advanced authentication and watermarks, though details remain unclear. Other companies offering similar tools, such as Tavus and Microsoft, have stricter safeguards in place, raising concerns that Zoom’s efforts may not be sufficient to curb potential risks.
The rise of deepfakes continues to fuel regulatory debates. While some states in the US have introduced laws to combat the spread of AI-aided impersonation, there is still no comprehensive federal regulation addressing the issue. As Zoom prepares to launch this feature, the company will need to balance innovation with security.
The FBI has successfully orchestrated a crypto sting operation using a token it created to investigate market manipulation. The NexFundAI Token, launched on the Ethereum blockchain, was part of the operation that led to the indictment of 18 individuals and entities for their involvement in fraudulent activities.
The investigation uncovered a sophisticated scheme involving pump-and-dump operations and wash trading, which artificially inflated token prices. Over $25 million worth of cryptocurrency was seized, and several trading bots responsible for manipulating markets across 60 different tokens were shut down.
This operation, known as “Operation Token Mirrors,” is seen as a warning to crypto investors about the risks of market manipulation. Authorities, including the FBI and SEC, are continuing to investigate those involved in fraudulent crypto schemes.
Fortum, Finland’s largest power utility, is dealing with a wave of cyber threats and security incidents targeting its energy facilities, CEO Markus Rauramo revealed. The utility, which manages hydro, wind, solar, nuclear, and combined heat and power plants, faces daily denial-of-service attacks, disruptions to satellite communications, drone sightings, and suspicious individuals around its sites. Fortum has sought assistance from Finnish authorities to investigate the incidents, which have also impacted its operations in Sweden.
Finnish and Swedish intelligence services have declined to comment on the cyber attacks or identify any potential perpetrators. Fortum’s head of security, Jari Stenius, noted an uptick in the frequency of such incidents but emphasised that their impact on operations has been minimal so far. To strengthen its defences, the company has enforced strict access controls, employed private security, set up backup systems, and conducted regular drills with authorities.
The Finnish National Bureau of Investigation (KRP) confirmed that police are currently conducting several investigations into activities near critical infrastructure sites.
Mexico has become the focal point for cybercrime in Latin America, accounting for over 50% of all reported cyber threats in the region during the first half of 2024, according to a study by cybersecurity firm Fortinet. With 31 billion cybercrime attempts, hackers are taking advantage of Mexico’s strategic ties with the US and booming industries like logistics and manufacturing, which are being targeted for larger ransom payouts.
Fortinet’s report highlighted how cybercriminals are using advanced tools, such as AI, to streamline attacks and focus on specific sectors for maximum impact. The rapid shift of production closer to the US, known as nearshoring, has made Mexico’s electronics and automotive industries prime targets. Despite a slight dip in attack numbers compared to last year, the overall threat level remains significant.
Experts, including Fortinet executives, emphasised the need for Mexico to strengthen its cybersecurity laws. While President Claudia Sheinbaum has pledged to establish a cybersecurity and AI center, there has been no mention of legal measures yet. Cybersecurity professionals warn that urgent action is needed as Mexico’s role in global supply chains continues to grow.
David Kagel, an 86-year-old former California attorney, has been sentenced to five years probation and ordered to pay nearly $14 million after admitting to his role in a crypto Ponzi scheme. Kagel, who is currently in hospice care, pleaded guilty to conspiracy to commit commodity fraud, according to a ruling by Las Vegas Federal Court Judge Gloria Navarro.
Prosecutors revealed that Kagel, along with two accomplices, ran the fraudulent scheme from December 2017 to June 2022, luring investors with promises of high returns through a crypto bot trading programme. Victims were convinced their investments were secure, with claims of guaranteed profits and no risk. Kagel even drafted letters on his law firm’s official letterhead to build trust among investors, falsely claiming to hold significant amounts of Bitcoin in escrow.
Kagel’s law license had been revoked by the California Supreme Court in 2023 after misappropriating client funds, with previous suspensions in 1997 and 2012. His co-conspirators, David Saffron and Vincent Mazzotta, have pleaded not guilty and await trial next year.
Coinbase has warned Gen Z users about the increasing threat of online scams, particularly those targeting cryptocurrency investors. In a recent blog post, the platform highlighted four major risks – social media fraud, romance scams, fake websites, and recovery schemes. The company stressed the importance of personal responsibility when securing crypto assets, as users are their own safeguards in the decentralised crypto world.
Among the scams discussed, fraudsters frequently use social media platforms like Instagram and TikTok to lure victims by impersonating public figures or promoting fake investment opportunities. Romance scams, also known as ‘pig butchering’ scams, were another key threat, with scammers building fake relationships to steal funds from their victims. A recent scam in Vietnam saw victims lose over $700,000 through a fraudulent investment platform.
Coinbase also pointed out the dangers of fake websites that mimic legitimate companies to trick users into providing sensitive information or funds. The platform encourages users to stay vigilant and report suspicious activity to law enforcement or platforms like Coinbase, helping prevent others from falling victim to similar fraud.
Ghana has launched its revised National Cybersecurity Policy and Strategy (NCPS) to tackle the escalating cybersecurity threats arising from its rapid digital transformation. The comprehensive framework is designed to address current cyber risks and anticipate emerging ones, ensuring that Ghana’s digital infrastructure remains resilient and secure over the next five years.
The initiative was officially unveiled during the opening ceremony of the 2024 National Cybersecurity Awareness Month (NCSAM) in Accra, which, notably, saw significant participation from high-ranking officials, including the leadership of the Ghana Armed Forces and key stakeholders in cybersecurity. Moreover, the policy is anchored on five essential pillars – Legal Measures, Technical Measures, Organisational Measures, Capacity Building, and Cooperation.
Why does it matter?
The NCPS addresses the rapid digitalisation occurring across critical sectors such as finance, healthcare, education, and commerce at a pivotal moment for the nation. While these advancements offer substantial socioeconomic benefits, they also expose the nation to significant cyber risks that could jeopardise economic stability and public safety.
Therefore, by implementing the NCPS, Ghana aims to strengthen its defences against these threats, protect its digital achievements and ensure sustainable technological progress. Furthermore, Minister Ursula Owusu-Ekuful emphasised that the policy serves as a vital roadmap for addressing current and future cyber threats. In addition, that underscores the importance of enhancing public-private collaboration to bolster the country’s overall digital resilience.
Marriott International will implement an information security program following a settlement with the US Federal Trade Commission (FTC) over data breaches that impacted more than 344 million customers between 2014 and 2020. The settlement requires Marriott and its subsidiary, Starwood Hotels & Resorts Worldwide, to address the vulnerabilities that led to multiple breaches over several years.
The hotel chain also agreed to provide US customers with a way to request deletion of their personal data linked to their email address or loyalty rewards account. In addition, Marriott will review loyalty rewards accounts upon request and restore stolen points. A separate settlement sees Marriott paying $52 million to resolve similar data security claims across 49 states and the District of Columbia.
Marriott has stated that protecting guests’ personal data remains a top priority and that the company continues to invest heavily in improving its cybersecurity measures. However, Marriott did not admit liability for the breaches in either the FTC settlement or the agreements with state Attorneys General.
In 2020, the company faced a class action lawsuit in London brought by millions of former guests seeking compensation after their personal information was compromised during the breaches, considered one of the largest in history.
