A Florida woman, Dianne Ringstaff, shared her painful story after falling victim to an elaborate online scam involving someone impersonating actor Keanu Reeves. The fraud began innocently when she received a message while playing a mobile game, followed by a video call confirming she was speaking with the Hollywood star.
The impostor cultivated a friendship through calls and messages for two and a half years, eventually gaining her trust. Things took a turn when the scammer began pleading for money, claiming Reeves was being sued and targeted by the FBI, which had supposedly frozen his assets.
Vulnerable after personal losses, Ringstaff was persuaded to help, ultimately taking out a home equity loan and selling her car. She sent around $160,000 in total, convinced she was aiding the beloved actor.
Authorities later informed her that not only had she been scammed, but her bank account had been used to funnel money from other victims as well. Devastated, Ringstaff broke down—but is now determined to reclaim her life and raise awareness.
She is speaking out to warn others about the growing threat of AI-powered ‘romance’ scams, where fraudsters use deepfake videos and cloned voices to impersonate celebrities and gain victims’ trust.
‘Don’t be naive,’ she cautions. ‘Do your research and don’t give out personal information unless you truly know who you’re dealing with.’
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A German court has ruled in favour of Meta, allowing the tech company to use data from Facebook and Instagram to train AI systems. A Cologne court ruled Meta had not breached the EU law and deemed its AI development a legitimate interest.
According to the court, Meta is permitted to process public user data without explicit consent. Judges argued that training AI systems could not be achieved by other equally effective and less intrusive methods.
They noted that Meta plans to use only publicly accessible data and had taken adequate steps to inform users via its mobile apps.
Despite the ruling, the North Rhine-Westphalia Consumer Advice Centre remains critical, raising concerns about legality and user privacy. Privacy group Noyb also challenged the decision, warning it could take further legal action, including a potential class-action lawsuit.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Since the launch of ChatGPT in late 2022, threat actors have used generative AI to write malware, craft phishing emails, and execute realistic social engineering schemes.
One notable case from January 2024 involved a finance employee who was deceived into transferring $25 million during a video call with AI-generated deepfakes of company executives.
Criminals have also found ways to bypass safety features in AI models using techniques such as prompt chaining, injection, and jailbreaking to generate malicious outputs.
While generative AI has already lowered the barrier to entry for cybercrime, the report highlights that agentic AI—capable of autonomously executing complex tasks—poses a far greater risk by automating time-consuming attacks like ransomware at scale.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Staying safe from cybercriminals can be surprisingly simple. While AI-powered scams grow more realistic, some signs are still painfully obvious.
If you spot the letters ‘.TOP’ in any message link, it’s best to stop reading and hit delete. That single clue is often enough to expose a scam in progress.
Most malicious texts pose as alerts about road tolls, deliveries or account issues, using trusted brand names to lure victims into clicking fake links.
These links often lead to freshly created domains designed to look convincing, yet they typically vanish within hours. Millions of such messages are sent monthly, and they’re powered by a constant churn of throwaway domains.
The worst of these is the ‘.TOP’ top-level domain (TLD), which has become infamous for its role in phishing and scam operations. Although launched in 2014 for premium business use, its low cost and lack of oversight quickly made it a favourite among cyber gangs, especially those based in China.
Today, nearly one-third of all .TOP domains are linked to cybercrime — far surpassing the criminal activity seen on mainstream domains like ‘.com’.
Despite repeated warnings and an unresolved compliance notice from internet regulator ICANN, abuse linked to .TOP has only worsened.
Experts warn that it is highly unlikely any legitimate Western organisation would ever use a .TOP domain. If one appears in your messages, the safest option is to delete it without clicking.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
As AI-generated images grow increasingly lifelike, a cyber security expert has warned that families should create secret passwords to guard against deepfake scams.
Cody Barrow, chief executive of EclecticIQ and a former US government adviser, says AI is making it far easier for criminals to impersonate others using fabricated videos or images.
Mr Barrow and his wife now use a private code to confirm each other’s identity if either receives a suspicious message or video.
He believes this precaution, simple enough for anyone regardless of age or digital skills, could soon become essential. ‘It may sound dramatic here in May 2025,’ he said, ‘but I’m quite confident that in a few years, if not months, people will say: I should have done that.’
The warning comes the same week Google launched Veo 3, its AI video generator capable of producing hyper-realistic footage and lifelike dialogue. Its public release has raised concerns about how easily deepfakes could be misused for scams or manipulation.
Meanwhile, President Trump signed the ‘Take It Down Act’ into law, making the creation of deepfake pornography a criminal offence. The bipartisan measure will see prison terms for anyone producing or uploading such content, with First Lady Melania Trump stating it will ‘prioritise people over politics’
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Telegram founder Pavel Durov will deliver a livestreamed keynote at the Oslo Freedom Forum, following a French court decision barring him from international travel. The Human Rights Foundation (HRF), which organizes the annual event, expressed disappointment at the court’s ruling.
Durov, currently under investigation in France, was arrested in August 2024 on charges related to child sexual abuse material (CSAM) distribution and failure to assist law enforcement.
He was released on €5 million bail but ordered to remain in the country and report to police twice a week. Durov maintains the charges are unfounded and says Telegram complies with law enforcement when possible.
Recently, Durov accused French intelligence chief Nicolas Lerner of pressuring him to censor political voices ahead of elections in Romania. France’s DGSE denies the allegation, saying meetings with Durov focused solely on national security threats.
The claim has sparked international debate, with figures like Elon Musk and Edward Snowden defending Durov’s stance on free speech.
Supporters say the legal action against Durov may be politically motivated and warn it could set a dangerous precedent for holding tech executives accountable for user content. Critics argue Telegram must do more to moderate harmful material.
Despite legal restrictions, HRF says Durov’s remote participation is vital for ongoing discussions around internet freedom and digital rights.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Authorities across Europe, North America and the UK have dismantled a major global malware network by taking down over 300 servers and seizing millions in cryptocurrency. The operation, led by Eurojust, marks a significant phase of the ongoing Operation Endgame.
Law enforcement agencies from Germany, France, the Netherlands, Denmark, the UK, the US and Canada collaborated to target some of the world’s most dangerous malware variants and the cybercriminals responsible for them.
The takedown also resulted in international arrest warrants for 20 suspects and the identification of more than 36 individuals involved.
The latest move follows similar action in May 2024, which had been the largest coordinated effort against botnets. Since the start of the operation, over €21 million has been seized, including €3.5 million in cryptocurrency.
The malware disrupted in this crackdown, known as ‘initial access malware’, is used to gain a foothold in victims’ systems before further attacks like ransomware are launched.
Authorities have warned that Operation Endgame will continue, with further actions announced through the coalition’s website. Eighteen prime suspects will be added to the EU Most Wanted list.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Microsoft has come under scrutiny after the Associated Press reported that the company blocked the email account of Karim Khan, Chief Prosecutor of the International Criminal Court (ICC), in compliance with US sanctions imposed by the Trump administration.
While this ban is widely reported, Microsoft, according to DataNews, strongly denied this action, arguing that ICC moved Khan’s email to the Proton service. So far, there has been no response from the ICC.
Legal and sovereignty implications
The incident highlights tensions between US sanctions regimes and global digital governance. Section 2713 of the 2018 CLOUD Act requires US-based tech firms to provide data under their ‘possession, custody, or control,’ even if stored abroad or legally covered by a foreign jurisdiction – a provision critics argue undermines foreign data sovereignty.
That clash resurfaces as Microsoft campaigns to be a trusted partner for developing the EU digital and AI infrastructure, pledging alignment with European regulations as outlined in the company’s EU strategy.
Broader impact on AI and digital governance
The controversy emerges amid a global race among US tech giants to secure data for AI development. Initiatives like OpenAI’s for Countries programmes, which offer tailored AI services in exchange for data access, now face heightened scrutiny. European governments and international bodies are increasingly wary of entrusting critical digital infrastructure to firms bound by US laws, fearing legal overreach could compromise sovereignty.
Why does it matter?
The ‘Khan email’ controversy makes the question of digital vulnerabilities more tangible. It also brings into focus the question of data and digital sovereignty and the risks of exposure to foreign cloud and tech providers.
DataNews reports that the fallout may accelerate Europe’s push for sovereign cloud solutions and stricter oversight of foreign tech collaborations.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A ransomware gang has published what it claims is sensitive data from multiple French organisations on a dark web forum.
The Stormous cartel, active since 2022, posted the dataset as a ‘comprehensive leak’ allegedly involving high-profile French government bodies.
However, researchers from Cybernews examined the information and found the data’s quality questionable, with outdated MD5 password hashes indicating it could be from older breaches.
Despite its age, the dataset could still be dangerous if reused credentials are involved. Threat actors may exploit the leaked emails for phishing campaigns by impersonating government agencies to extract more sensitive details.
Cybernews noted that even weak password hashes can eventually be cracked, especially when stronger security measures weren’t in place at the time of collection.
Among the affected organisations are Agence Française de Développement, the Paris Region’s Regional Health Agency, and the Court of Audit.
The number of exposed email addresses varies, with some institutions having only a handful leaked while others face hundreds. The French cybersecurity agency ANSSI has yet to comment.
Last year, France faced another massive exposure incident affecting 95 million citizen records, adding to concerns about ongoing cyber vulnerabilities.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Microsoft has introduced a significant update to Notepad, version 11.2504.46.0, unveiling a new AI-powered ‘Write’ feature for Windows 11 users.
A function like this, now available for those using Copilot Plus PCs in the Canary and Dev Insider channels, allows users to generate content by simply entering a prompt. Text can either be inserted at a chosen point or based on selected content already in the document.
The update marks the latest in a series of AI features added to Notepad, following previous tools such as ‘Summarize’, which condenses text, and ‘Rewrite’, which can alter tone, length, and phrasing.
Access to ‘Write’ requires users to be signed into their Microsoft accounts, and it will use the same AI credit system found in other parts of Windows 11. Microsoft has yet to clarify whether these credits will eventually come at a cost for users not subscribed to Microsoft 365 or Copilot Pro.
Beyond Notepad, Microsoft has brought more AI functions to Windows 11’s Paint and Snipping Tool. Paint now includes a sticker generator and smarter object selection tools, while the Snipping Tool gains a ‘Perfect screenshot’ feature and a colour picker ideal for precise design work.
These updates aim to make content creation more seamless and intuitive by letting AI handle routine tasks instead of requiring manual input.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
