Cybersecurity

Google highlights rising online scam threats

Google has warned that online scams remain a major global challenge, citing estimates that fraud losses could reach nearly $580 billion in 2025.

In its latest fraud and scams advisory, the company said phishing attacks are becoming more sophisticated, with criminals using adversary-in-the-middle techniques and QR code phishing, also known as quishing, to steal credentials and bypass security measures.

The advisory also highlighted risks linked to cryptocurrency investment scams, malicious finance applications and police impersonation schemes. According to Google, scammers are using AI, social engineering and trusted digital services to deceive users, obtain money and collect sensitive information.

Google said its Trust & Safety teams are using AI tools, predictive analytics and policy enforcement to detect and disrupt fraudulent activity across its services. The company also pointed to measures such as stronger protections for session cookies, enforcement against deceptive crypto ads, monitoring of post-installation app behaviour and developer identity verification for apps installed on certified Android devices.

The company urged users to be cautious of unsolicited communications, unrealistic investment promises, unexpected QR codes and requests for personal or financial information.

Why does it matter?

The advisory shows how online fraud is becoming a cross-platform governance problem rather than a narrow cybersecurity issue. Scams now rely on trusted cloud services, mobile apps, messaging platforms, crypto infrastructure and impersonation of public authorities. That creates pressure on major technology companies to strengthen detection, app accountability and policy enforcement, while raising broader questions about consumer protection, platform responsibility and digital trust.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Crypto mixers gain recognition in US Treasury assessment

The US Treasury Department has acknowledged that cryptocurrency mixers may have lawful privacy uses, while warning that such tools remain vulnerable to abuse by illicit actors.

In a March 2026 report to Congress on innovative technologies to counter illicit finance involving digital assets, Treasury said lawful users may rely on mixers to protect sensitive financial information when transacting on public blockchains. The report said users may seek to conceal details about personal wealth, business payments, charitable donations or consumer spending habits.

Treasury distinguished between custodial digital asset services, including custodial mixers, and decentralised or non-custodial mechanisms that can operate without a central intermediary. Custodial services that accept and transmit value may be required to register with the Financial Crimes Enforcement Network as money services businesses, maintain records and file suspicious activity reports.

The report nevertheless stressed that criminals commonly use mixers, bridges and swaps to make illicit digital asset flows harder to trace. Treasury said mixing is frequently used by North Korea-linked cyber actors, money launderers, ransomware actors and darknet market participants.

Treasury also warned that stablecoins can form part of complex laundering processes involving mixers and other obfuscation techniques. According to the report, illicit actors may move stolen or fraud-linked assets through mixers and then swap them into stablecoins to break the traceable link to the original criminal activity.

The assessment was prepared under the GENIUS Act, which required the Treasury to examine innovative tools for countering illicit finance involving digital assets, including the role of mixers, tumblers and similar services.

Why does it matter?

The report shows the regulatory tension at the centre of digital asset policy: privacy tools can protect legitimate users on transparent public blockchains, but the same tools can also weaken AML/CFT controls, sanctions enforcement and law enforcement tracing. Treasury’s framing matters because future rules on mixers, DeFi, blockchain analytics and stablecoin compliance will need to balance financial privacy with security and illicit finance risks.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Ofcom warns platforms over online abuse ahead of FIFA World Cup 2026

Ofcom has urged online platforms to strengthen protections against illegal hate speech, abuse, threats and harassment ahead of the FIFA World Cup 2026. The UK regulator reminded technology companies that they have legal responsibilities under the Online Safety Act to reduce the risk of users encountering criminal content on their services.

The intervention follows concerns about abuse directed at players, coaches, officials and commentators during previous international tournaments. According to Ofcom, online attacks have frequently targeted individuals based on race, ethnicity, perceived sexual orientation and disability, causing significant personal and professional harm.

Under the UK’s Online Safety Act, platforms are required to operate effective reporting systems, maintain adequately resourced moderation teams and remove illegal content without undue delay. Ofcom stated that evidence of failures to meet these obligations during the tournament could be considered as part of its ongoing compliance assessments.

The regulator also highlighted a partnership established earlier this year with the UK Football Policing Unit, the Football Association, the Premier League, the English Football League, the Women’s Super League, the Professional Footballers’ Association and anti-discrimination organisation Kick It Out.

The initiative aims to strengthen information sharing and support preventative measures against online abuse targeting individuals across the football ecosystem.

Why does it matter?

Major sporting events often lead to spikes in online abuse, particularly against athletes, officials and other high-profile figures. The scale and visibility of these events can amplify harmful behaviour and place additional pressure on platforms to enforce their content moderation policies effectively.

Ofcom’s intervention highlights how online safety regulation is increasingly being tested during major public events. The regulator’s warning also signals that compliance with the Online Safety Act will be assessed not only through policies on paper but through how platforms respond to real-world surges in harmful content.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Australia welcomes Apple child online safety tools

Australian Prime Minister Anthony Albanese has welcomed Apple’s new online safety controls for children, saying Apple CEO Tim Cook briefed him on the announcement.

According to Albanese, Cook said the changes were partly inspired by Australia’s under-16 social media age restrictions and by Apple’s continuing research into the impact of social media on children.

Albanese said Australia was proud of its work to support a safer online environment for children and argued that other countries are now developing similar social media age restrictions.

Cook invited Albanese to visit Apple during his next trip to the United States to see the technology in action. Albanese said he intended to accept the invitation as Australia continues to consider how best to protect children online.

The Prime Minister said Australian parents had led the push for stronger protections and that the government was backing their efforts. He said more than 5 million under-16 accounts had already been removed, deactivated, or restricted.

Albanese said social media companies have a social responsibility and that Australia would continue holding them to account to help keep children safe.

Why does it matter?

The announcement highlights how national online safety rules can shape platform design beyond a country’s borders. Australia’s under-16 social media restrictions have been closely watched internationally, and Albanese is presenting Apple’s new child safety tools as evidence that regulatory pressure can push major technology companies towards stronger child protection features. The case also shows the growing link between device-level controls, platform accountability, age assurance, and children’s digital rights.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

WhatsApp seeks contempt order against NSO over spyware targeting

WhatsApp has asked a US court to hold NSO Group in contempt, alleging that the spyware company violated a permanent injunction barring it from targeting WhatsApp and its users.

The company said it disrupted spear-phishing attempts linked to NSO after investigating user reports. According to WhatsApp, the activity involved malicious links that sought to redirect users to external websites outside the messaging platform.

WhatsApp also said it identified and removed test accounts and groups created on its service as part of the suspected NSO-linked activity. The company is sharing threat indicators to help users and researchers check whether targeting attempts may have occurred across WhatsApp, text messages, email, or other channels.

The latest filing follows WhatsApp’s earlier legal victory against NSO. The company said a court found that NSO violated federal and state anti-hacking laws and issued a permanent injunction barring NSO from targeting WhatsApp and its users.

WhatsApp described commercial spyware as a national security threat, arguing that surveillance-for-hire firms target not only messaging services but also browsers, operating systems, and other applications.
The company said the targets reported for such tools include journalists, government officials, military personnel, and humanitarian organisations. It also warned against easing US restrictions on NSO, which remains on the US government’s Entity List.

WhatsApp said it is contributing to the Spyware Accountability Initiative, which supports organisations working on forensic research, user support, and advocacy against spyware.

Why does it matter?

The case shows how legal orders against spyware companies may still require active technical monitoring and enforcement. WhatsApp’s contempt request also keeps pressure on the commercial spyware industry, where surveillance tools can move across platforms, devices, browsers, and operating systems. The story matters for encrypted communications because it shows that protecting users depends not only on encryption, but also on legal accountability, threat intelligence, vulnerability research, and support for civil society targets.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

European Commission welcomes the new G7 cybersecurity declaration

The European Commission has welcomed a new G7 Cybersecurity Working Group Declaration aimed at strengthening international cooperation in response to growing cyber threats.

Adopted under France’s G7 Presidency, the declaration calls for coordinated action to address cybersecurity challenges associated with quantum computing, AI, telecommunications infrastructure, and the protection of small and medium-sized enterprises (SMEs).

One of the declaration’s central priorities is accelerating the transition to post-quantum cryptography. As quantum computing capabilities continue to advance, governments and industry are being urged to accelerate preparations for new encryption standards capable of resisting future quantum attacks. The declaration describes migration to quantum-resistant encryption as an urgent cybersecurity priority that organisations should begin addressing now.

AI is another major focus of the declaration. The G7 declaration recognises that AI can both strengthen and threaten cybersecurity. Concerns include AI-enabled cyberattacks, model manipulation, data breaches, and software vulnerabilities.

The European Commission noted that it is preparing an action plan on AI and cybersecurity to help Member States and businesses address emerging risks while strengthening Europe’s cyber resilience.

The declaration also emphasises the importance of resilient telecommunications infrastructure and stronger protection for SMEs. Building on initiatives such as the NIS2 Directive and the Cyber Resilience Act, the EU said it will continue working with international partners to strengthen cybersecurity standards, protect critical infrastructure and support organisations facing increasingly sophisticated cyber threats.

Why does it matter?

The declaration reflects growing international recognition that cybersecurity challenges are increasingly transnational and require coordinated responses. Emerging technologies such as AI and quantum computing are creating new opportunities for innovation, but also introducing new vulnerabilities that could affect governments, businesses and critical infrastructure.

The emphasis on post-quantum cryptography is particularly significant, as organisations worldwide face the long-term challenge of protecting sensitive data against future quantum-enabled attacks. The declaration also highlights the growing importance of international cooperation in building cyber resilience and securing digital ecosystems.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

US unveils new strategy to accelerate AI adoption in national security

The Trump administration has issued a new National Security Presidential Memorandum aimed at accelerating the adoption of AI across the US national security apparatus.

According to the White House, the framework is intended to ensure that military personnel, intelligence professionals and national security agencies have access to advanced AI systems while maintaining accountability and operational control.

The memorandum directs federal agencies to expand the use of commercial and open-source AI technologies in support of national security missions. It also calls for investment in next-generation secure computing infrastructure capable of supporting increasingly advanced AI models and computational workloads.

The memorandum also proposes the creation of an AI National Security Strategic Reserve, bringing together leading non-governmental experts to support national security priorities.

The new framework places emphasis on accountability, reliability and command authority. The White House emphasised that agency leaders and military commanders will remain accountable for decisions and operations supported by AI systems.

Why does it matter?

AI is increasingly viewed as a strategic capability across defence, intelligence, cybersecurity and military planning. Governments are investing heavily in AI systems that can enhance analysis, decision support, operational planning and threat detection.

The memorandum signals Washington’s intention to accelerate the integration of AI into national security operations while maintaining human oversight and accountability. It also reflects broader geopolitical competition over advanced technologies, as major powers seek to secure advantages in AI-driven security capabilities.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Spain calls for United Nations Action on children’s digital rights

Spain has proposed the creation of a permanent multilateral working group within the UN to strengthen the regulation of digital environments and improve protections for children online.

The proposal was presented by Minister of Youth and Childhood, Sira Rego, during a ministerial roundtable at the Global Alliance of Pioneer Countries to End Violence Against Children in Turin.

According to Rego, stronger international cooperation is needed to regulate digital environments and protect children’s rights in response to abuses by major technology platforms. She said protecting children online requires regulations, rules, and control mechanisms that safeguard their rights and freedoms.

The proposal builds on earlier Ibero-American ministerial discussions on youth and childhood, during which countries agreed to establish an Ibero-American Observatory for the Well-being of Children, with a focus on protecting minors in digital environments. Spain is now proposing a similar approach within the UN framework.

A central element of Spain’s position is algorithmic transparency. Rego said algorithms are not neutral systems and can affect children’s ability to exercise their rights. She argued that such systems should be auditable and subject to democratic oversight by public authorities.

Alongside regulatory measures, Spain is advancing a National Strategy for Digital Environments to improve digital literacy among children, adolescents, and families. The strategy will combine education, pedagogical tools, and content creation to help protect children’s rights in digital spaces.

Why does it matter?

Spain’s proposal reflects growing pressure for international coordination on children’s digital rights. National rules alone often struggle to address platforms that operate across borders and use algorithmic systems that shape what children see, how they interact, and how their data is used. A UN-level working group could provide child online safety with a more permanent multilateral forum, especially on platform accountability and algorithmic transparency.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Microsoft urges stronger biosecurity safeguards as AI transforms biotechnology

Microsoft has argued that rapid advances in AI and biotechnology are creating new biosecurity challenges that require stronger safeguards and closer cooperation between governments, industry, and the scientific community.

The company said AI is accelerating scientific discovery across areas such as healthcare, drug development, and materials science, while also increasing concerns about accidental harm and deliberate misuse of biological technologies.

Microsoft identifies a growing convergence between general-purpose AI models, specialised biological design tools, laboratory automation systems, and agentic AI technologies. The company argues that these capabilities can accelerate legitimate research but also complicate the biosecurity policy landscape.

A central focus of Microsoft’s recommendations is nucleic acid synthesis screening. The company describes synthetic DNA providers as a critical checkpoint in the biotechnology ecosystem because they are often where digital biological designs are translated into physical materials.

Microsoft said current DNA synthesis screening practices remain largely voluntary and unevenly applied across providers. It warned that gaps in screening become more consequential as AI-enabled biological design tools become more powerful.

The company pointed to its Paraphrase Project, which stress-tested existing screening systems against AI-designed biological sequences. Microsoft said the project showed where safeguards could fail and how they could be improved through responsible disclosure, red teaming, and rapid deployment of fixes.

Microsoft also highlighted growing bipartisan attention to biosecurity in the United States, including a 2025 executive order on biological research safety and the proposed Biosecurity Modernization and Innovation Act. The company said stronger screening requirements, conformity assessments, enforcement mechanisms, and public-private collaboration could help reduce risk while sustaining scientific innovation.

Why does it matter?

AI is becoming part of the biotechnology research pipeline, from biological design tools to automated laboratories. Microsoft’s intervention shows that AI safety debates are expanding beyond model behaviour and content safeguards into the physical infrastructure of science, including DNA synthesis providers, laboratory workflows, technical standards, and biosecurity screening. The key policy question is how to preserve scientific openness while preventing AI-enabled misuse of biological capabilities.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

UNICEF warns of AI risks to child online safety

UNICEF Vietnam has warned that rapid advances in AI are creating new risks for child online safety, including AI-generated child sexual abuse material and deepfakes.

The UNICEF Vietnam Representative, Silvia Danailov, issued a warning to mark International Children’s Day and Vietnam’s Month of Action for Children, which is held under the theme ‘Happy, safe and confident children in the digital world.’

Danailov said digital technologies can help children learn, connect, and develop future skills, but also create new forms of harm. She warned that generative AI can now be used to create highly realistic sexual images or videos of children without their knowledge or consent.

UNICEF, ECPAT, and INTERPOL research across 11 countries found that at least 1.2 million children reported that their images had been manipulated into sexually explicit deepfakes in the past year. Danailov said such harms can have lasting effects, even when images are digitally created, because children experience fear, shame, and loss of trust.

Nearly nine in ten children aged 12 to 17 in Vietnam are online, with many spending five to seven hours a day on the internet. Danailov said AI-driven risks add a new layer to existing challenges, such as cyberbullying and online exploitation, while also exposing inequalities between children who are supported online and those who are not.

Vietnam has strengthened its legal and policy framework, including a new government decree effective from 16 May 2026 that reinforces children’s right to privacy by prohibiting the disclosure of a child’s personal information without the child’s consent, when aged seven or older, and with the consent of their parents or caregivers.

The country has also approved the National Programme on Child Online Protection and Support for Development for 2026–2030, aimed at protecting children and empowering them as confident digital citizens through stronger legal frameworks, improved systems, education, and coordinated action.

UNICEF called for laws and enforcement to keep pace with technology, stronger child protection systems, safer platform design by technology companies, and better support for schools and families. Danailov also stressed that children must be heard and involved in creating safer digital environments.

Why does it matter?

The warning shows how generative AI is changing the landscape of child online safety. Children can now be harmed even without direct interaction with an offender, including through manipulated images and deepfake abuse. That makes child protection harder for families, schools, platforms, and regulators, and increases the need for safety-by-design, stronger reporting systems, legal safeguards, and trusted support channels for children.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.