Mass-appeal events have become prime targets for global cybercrime. With the 2026 FIFA World Cup approaching, the cybersecurity company ESET Venezuela organized a specialized online event to analyze the main digital threats facing fans.

 During the session, experts shared and explained that collective enthusiasm and the urgency to obtain tickets or exclusive promotions often cloud users’ judgment. This psychological factor is exploited by attackers to carry out large-scale financial scams and identity theft.

 Most common frauds in online football

The technical presentation detailed that the most common types of fraud operate through:

Cloning websites dedicated to selling tickets.

Deceptive offers of travel packages and accommodations.

Furthermore, ESET analysts examined for participants how cybercriminals use social media, instant messaging applications, and fake websites. Using advanced social engineering techniques, attackers impersonate official sponsors to trick victims into downloading malicious applications, compromising their mobile devices and exposing their banking information.

Key digital security tips for the World Cup season

To mitigate this vulnerability, the ESET Venezuela team shared practical recommendations for maintaining safe browsing during the global event:

• Verify the authenticity of all links received.
• Avoid entering credentials or financial data on unofficial platforms.
• Be wary of raffles or prizes of dubious origin.

In this way, the company reaffirmed the need to adopt a digital security approach to fully enjoy the biggest football event without putting technological, personal, or corporate assets at risk.

To learn more about cybersecurity, visit the ESET website:  https://www.eset.com/ve/. You can also follow them on social media: Instagram @esetla) and Facebook (ESET).

Information and image courtesy of ESET and Comstat Rowland Strategic Communications

Follow our news on Google! For current, interesting, and accurate information, click here to see all the content on Bitfinance.news. You can also find us on X/Twitter and Instagram

La entrada Experts analyze cyber scams related to the 2026 World Cup: Beware of a digital own goal apareció primero en Bitfinance.

An analysis conducted in late 2025 by ESET, a leading company in proactive threat detection, highlighted the evolution of ransomware (data kidnapping) as one of trends to watch closely in 2026. This first quarter of the year confirms its importance, and the cybersecurity company analyzes the most attacked industries, which countries were most affected, the situation in Latin America, and the incidence of each group.

Topics of paramount importance and interest to both experts and cautious users who follow these incidents.

According to the ransomware.live report, the three groups that dominated the first quarter of the year were Qilin, The Gentlemen, and Akira, which together accounted for almost 900 victims, representing more than 30% of the total attacks (approximately 2,200).

Qilin ransomware took first place with more than 400 attacks during the quarter. This ransomware-as-a-Service (RaaS) group, which also held this position last year, took the professionalization of cybercrime to a new level, so to speak, by providing legal counsel to its affiliates to strengthen their leverage during ransom negotiations.

Second place, with almost 250 attacks, went to The Gentlemen. This RaaS group represents a new era: it is moving away from mass attacks to focus on tailored operations. A silent and far more dangerous model, according to ESET, that redefines the rules of the game with targeted and adaptive campaigns.

Akira completed this negative podium, with more than 200 attacks to its name, many in Latin America. Its spread was so widespread that it even put major cybersecurity agencies around the world on alert, including the FBI.

Regarding the industries most affected by ransomware during the first three months of 2026, ESET found the manufacturing, technology, and healthcare sectors to be the most impacted. Following closely behind were business services, construction, and financial services.

“What is clear is that cyber attackers do not choose their victims randomly, but rather seek out organizations where they can generate a strong impact or sense of urgency, whether due to the immediate need to have their systems available, because they cannot afford long operational downtime, or because they handle critical or sensitive information. Ransomware groups continue to focus on economic and reputational impact, targeting industries undergoing digitalization but demonstrating less maturity in cybersecurity,” says Mario Micucci, Cybersecurity Researcher at ESET Latin America.

Internationally, with more than 1,000 attacks recorded, the United States was the country most affected by ransomware during the first quarter of 2026. The countries that followed recorded only 100 attacks or fewer, such as Germany, Great Britain, and France. Canada completed the top five affected countries.

Regarding Latin America, Brazil (50 attacks) and Mexico (30) were the most affected countries, but incidents were also recorded in Argentina, Chile, Peru, Paraguay, Ecuador, Venezuela, Colombia, Guatemala, Panama, and the Dominican Republic

The first quarter of 2026 confirms the trend that ransomware is not a temporary or declining threat, but a consolidated and constantly evolving phenomenon. “The combination of highly active groups, new emerging actors, and increasingly targeted attacks demonstrates that the model remains profitable for cyber attackers. Looking ahead, the focus should be on how organizations can strengthen their prevention, detection, and response capabilities, especially in critical sectors and regions where cybersecurity maturity still has significant gaps,” concludes Micucci of ESET.

For more information on this topic, please visit: https://www.welivesecurity.com/es/ransomware/actividad-ransomware-primer-trimestre-2026/.

Additionally, for other useful preventative information, visit https://www.eset.com/ve/ in Venezuela, and follow them on social media @eset_ve, Instagram (@esetla), and Facebook (ESET).

With information and image reference ​​provided by ESET and Comstat Rowland

Follow our news on Google! For current, interesting, and accurate information, click here to see all the content on Bitfinance.news. You can also find us on X/Twitter and Instagram

La entrada Manufacturing, technology, and healthcare organizations: Industries most affected by ransomware in 2026 apareció primero en Bitfinance.

ESET, a leading company in proactive threat detection, analyzes recovery scams, a type of money recovery fraud that operates as an umbrella term encompassing various predatory tactics, all aimed at the same goal: a second blow. Furthermore, it warns that if you take a moment to understand how they work, you’ll have a good chance of staying safe should you be contacted.

“Scammers only care about making money and take advantage of every opportunity to do so. If you’ve fallen for a scam, you shouldn’t let your guard down, as they won’t hesitate to revictimize you or exploit your desperation to recover stolen funds,” warns the ESET Latin America Cybersecurity Research Lab.

These scams begin when fraudsters buy lists of victims who have already fallen for fraud from other criminals, or they directly target victims of fraud they themselves have committed. Once identified, they contact them and impersonate recovery service providers, consumer protection agencies, government officials, law enforcement, regulators, and so on.

When exchanging information about the case, they promise to try to recover the funds in exchange for an advance payment, or they may claim that they already have the money and are redistributing it to affected customers. Another alternative is that they mention they only need to complete paperwork to release a refund supposedly managed by a government agency or entity.

“This is basically a form of advance fee scam, which in the United States in 2024 resulted in more than 7,000 reports and more than $102 million in losses. Even so, these numbers likely represent only the tip of the iceberg,” adds the ESET Lab.

ESET reports and details the warning signs to avoid a recovery scam

• Exaggerated claims: They say they already have funds or “guarantee” their recovery.
• Unsolicited contact: They arrive without being sought out, via email, social media, SMS, or phone call.
• Upfront payment: They request an initial fee, perhaps called a retainer fee, processing fee, administrative charge, or even a tax-related fee.
• Social engineering: They pressure you into making hasty decisions.
• Impersonation: They claim to be from an official agency, bank, or fraud team.
• Untraceable payment methods: They request crypto, gift cards, or payment apps that are difficult to reverse.
• Unprofessional emails: They use Gmail accounts or other webmail services instead of legitimate corporate addresses.

To avoid becoming a victim again, ESET shares and mentions some recommendations to keep in mind: never pay upfront fees to someone who contacts you out of the blue; always verify the identity of the person contacting you by looking up their information on official websites; And avoid posting stories online about how you were scammed, as criminals monitor the web for victims to target again.

If you have already been a victim of a money recovery scam, according to ESET, your options are limited. They advise reporting the incident to the relevant official authority in your country. This helps authorities map the fraud landscape and protect future victims. If you paid through a bank, notify them as soon as possible. Monitor your accounts and freeze any affected cards. If you provided personal information, change your passwords, activate MFA, and prepare for more convincing phishing attempts in the future.

ESET invites you to learn more about cybersecurity by visiting: https://www.welivesecurity.com/es/.

For other useful preventative information, you can also visit: https://www.eset.com/ve/, and their social media channels @eset_ve. They are also on Instagram (@esetla) and Facebook (ESET).

Information and image provided by ESET and Comstat Rowland

Follow our news on Google! For current, interesting, and accurate information, click here to see all the content on Bitfinance.news. You can also find us on X/Twitter and Instagram

La entrada The double deception: Fake services that scam you to recover money after you’ve been frauded apareció primero en Bitfinance.

ESET, a leading company in proactive threat detection, announces the launch of Cloud Workload Protection, a new security module designed to protect virtual machines in public cloud environments and extend threat visibility beyond traditional endpoints and servers.

Presented at RSA Conference 2026, this new module allows organizations to integrate cloud workload protection within ESET’s detection and response platform, consolidating the security management of endpoints, servers, and cloud environments into a single console.

“Many companies, especially in the midmarket and managed service providers, are increasingly adopting cloud services like virtual machines to improve their productivity,” says Michal Jankech, Vice President of Enterprise & SMB/MSP at ESET. “With ESET Cloud Workload Protection, we extend our protection to public cloud environments like AWS, Azure, and Google Cloud, reducing the attack surface and providing greater visibility into potential threats.”

The ESET Cloud Workload Protection module protects virtual machines in public cloud environments and integrates telemetry from these systems within the ESET PROTECT XDR platform, enabling security teams to gain broader visibility and respond more efficiently to incidents that may affect both on-premises and cloud infrastructures.

Unlike many solutions on the market that offer cloud workload protection as a standalone product, ESET includes this capability at no additional cost for ESET PROTECT customers (except for the Entry edition).

According to various industry estimates, the average cost of a data breach in public cloud environments can exceed $5 million per incident, reinforcing the need for tools that simplify protection and enable faster response to threats.

Furthermore, the new module maintains ESET’s characteristic focus on providing lightweight and efficient solutions, allowing IT teams to validate security controls and generate evidence of compliance with regulatory standards such as NIST, CIS, HIPAA, and PCI DSS.

AI-Powered Enhancements

Along with the new module, ESET is announcing several enhancements to the ESET PROTECT platform, focused on simplifying incident investigation and improving response capabilities to attacks.

Key new features include:

Advanced AI-powered reporting in ESET LiveGuard Advanced. ESET’s cloud sandboxing technology now includes more detailed behavioral reports on analyzed files. For organizations using subscriptions with XDR capabilities, these reports incorporate AI-generated summaries that help quickly interpret complex findings.

Enhancements to incident investigation for EDR and XDR customers. The platform now offers more comprehensive incident graphs, clearly visualizing how an attack unfolded, identifying the initial entry point, and tracking its evolution over time. New contextual data, such as identity-related information, is also incorporated to accelerate analysis and response processes.

Integration of ESET AI Advisor into the ESET PROTECT console. ESET’s AI-powered assistant is now directly integrated into the management console, providing security teams with easy access to its analysis and recommendation capabilities.

With these new capabilities, ESET continues to expand its security platform to help organizations manage increasingly hybrid and complex environments, combining proactive protection, advanced detection, and investigation tools to enable faster and more efficient responses to modern threats.

In parallel, the company also announced eCrime Reports, a new service within the ESET Threat Intelligence portfolio that offers detailed analysis of real-world incidents related to ransomware and infostealers. These reports include indicators of compromise (IoCs), technical campaign analysis, attack patterns, and recommendations to help security teams anticipate threats and strengthen their defense strategies.

To learn more about ESET solutions, visit: https://www.eset.com/latam/empresas/protect-platform/.

ESET invites you to learn more about cybersecurity by visiting: https://www.welivesecurity.com/es/.

For useful preventative data, also available in Venezuela: https://www.eset.com/ve/, and on their social media channels @eset_ve. Also on Instagram (@esetla) and Facebook (ESET).

Information and reference images provided by ESET and Comstat Rowland

Follow our news on Google! For current, interesting, and accurate information, click here to see all the content on Bitfinance.news. You can also find us on X/Twitter and Instagram

La entrada ESET strengthens cloud security with new AI-powered capabilities apareció primero en Bitfinance.

Although the conflict is unfolding in the Middle East, the repercussions in cyberspace can affect organizations worldwide. A clear example occurred less than 24 hours after the start of the conflict, when Iranian drones attacked cloud infrastructure facilities in the United Arab Emirates and Bahrain, affecting critical services and business applications in various regions.

ESET, a leading company in proactive threat detection, analyzes the impact of the war in Iran on the global cybersecurity landscape and warns about the main risks that organizations must monitor in this scenario.

Such incidents demonstrate that physical distance from a war zone does not guarantee isolation from its consequences, especially in highly interconnected environments.

However, for most organizations, the most immediate risk manifests itself in cyberspace. Following the initial military operations, actors linked to Iran rapidly increased their activity, with dozens of hacktivist groups actively supporting their interests.

Cyberspace is yet another active front, where attacks can escalate rapidly and have a global impact

This context creates a scenario in which multiple threat actors—from organized groups to hacktivists—can carry out attacks with different objectives, expanding the risk surface for companies and organizations worldwide.

“These types of conflicts highlight that cyberspace is yet another active front, where attacks can escalate rapidly and have a global impact. Organizations must be prepared to face an increase in malicious activity, even if they are far from the epicenter of the conflict,” comments Martina Lopez, Information Security Specialist at ESET Latin America.

Given this scenario, ESET emphasizes the importance of closely monitoring the evolution of threats, strengthening protection strategies, and understanding that current geopolitical conflicts have a direct impact on the digital world.

If you would like to learn more about this topic, you can visit: The impact of the war in Iran on cybersecurity: key risks you should monitor.

ESET invites you to learn more about cybersecurity by visiting: https://www.welivesecurity.com/es/.

For other useful preventative information, also available in Venezuela: https://www.eset.com/ve/, and on their social media channels @eset_ve. Also on Instagram (@esetla)  and Facebook (ESET).

With information and reference image provided by ESET and Comstat Rowland

Follow our news on Google! For current, interesting, and accurate information, click here to see all the content on Bitfinance.news. You can also find us on X/Twitter and Instagram

La entrada Conflict in Iran: its impact on global cybersecurity and the risks it generates apareció primero en Bitfinance.

Last November, the UK’s Security Service alerted members of Parliament about a foreign intelligence-gathering scheme: two LinkedIn profiles were contacting people working in British politics to request “insider information.” The MI5 revelations triggered a £170 million ($230 million) government initiative to address espionage threats against Parliament. While this is a high-profile case, ESET, a leading company in proactive threat detection, states that it is far from the first or only one. The site could also be a veritable treasure trove of corporate data that could be maliciously used to support fraud or threat campaigns.

Therefore, it is important to learn from this analysis and valuable professional opinion provided by ESET.

LinkedIn has amassed over one billion members worldwide since its founding in 2003. This represents a vast pool of potential targets for state-backed or financially motivated threat actors. Firstly, it is an extraordinary source of information where malicious actors can discover the roles and responsibilities of key individuals within a target company and reconstruct or reshape the relationships between individuals and projects they might be working on. Furthermore, it provides credibility and cover because, as a professional network, it is frequented by both high-level executives and lower-level employees, and it is a context in which a victim is more likely to open a direct message or InMail from someone on the platform than an unsolicited email.

On the other hand, it bypasses “traditional” security because there is no guarantee that phishing messages, malware, or spam won’t get through; and due to the site’s perceived credibility, target users may be more likely to click on malicious content. Finally, it’s easy to start operating; anyone can create a profile and begin lurking on the site to gather intelligence or send phishing messages and Business Enforcement (BEC) scams. Furthermore, attackers can hijack existing accounts or create fake identities before posing as candidates and recruiters for positions and jobs. The large number of compromised credentials circulating on cybercrime forums (due in part to infostealers) makes this relatively easy.

There are several ways threat actors can operationalize their malicious campaigns:

• Phishing and spearphishing: By using the information users share in their profiles, attackers can customize phishing campaigns (fake emails) to increase their success rate.
• Direct attacks: Contact can be made directly through malicious links designed to deploy malware, such as infostealers, or promote fake job offers intended to steal credentials.
• BEC: Similar to phishing, LinkedIn provides a wealth of intelligence that can be used to make Business Email Compromise attacks appear more convincing. It can help scammers identify who reports to whom, what projects they are working on, and the names of partners or suppliers.
• Deepfakes: LinkedIn can also host videos of targeted individuals, which can be used to create deepfakes and employ them in subsequent phishing, BEC, or social media scams.
• Account hijacking: Fake LinkedIn pages (phishing), infostealers, credential stuffing, and other techniques can help attackers take control of user accounts. These hijacked accounts can then be used in subsequent attacks targeting their contacts.
• Attacks on suppliers: LinkedIn can also be tracked for information about partners of a target company, who would also be targeted with phishing as part of a malicious “domino effect” strategy.

“The challenge posed by threats on LinkedIn is that IT departments find it difficult to obtain accurate information about the extent of the risk their employees face, and the tactics used to attack them. However, it makes sense to include LinkedIn threat scenarios like those described above in security awareness training courses. Employees should also be warned about the risk of oversharing information on the platform and given guidance on how to detect fake accounts and typical phishing lures,” says Mario Micucci, Cybersecurity Researcher at ESET Latin America.

ESET provides information on various threat groups that have used some of these tactics

• The Lazarus Group (North Korea) has posed as recruiters on LinkedIn to install malware on the computers of people working at an aerospace company, according to ESET Research. In fact, the research team also recently described the “Wagemole” campaigns, in which individuals aligned with North Korea attempt to obtain employment at foreign companies.
• ScatteredSpider contacted MGM’s help desk, impersonating an employee whose identity they obtained from LinkedIn, in order to gain access to the organization. The subsequent ransomware attack resulted in losses of $100 million.
• A spearphishing campaign called “Ducktail” targeted marketing and human resources professionals on LinkedIn, delivering malware and stealing information through links sent via direct message. The malware was hosted in the cloud.

Prevention

“To prevent account hijacking, a policy of regularly updating patches should be followed, security software should be installed on all devices (from a trusted vendor), and multifactor authentication should be enabled. Additionally, in corporate environments, it may be worthwhile to organize specific training sessions for executives, who are often the most frequent targets of attacks. Above all, ensure that the team is aware that, even on a network considered trustworthy like LinkedIn, not everyone acts in good faith or in their best interest,” recommends the ESET researcher.

ESET invites you to learn more about cybersecurity by visiting:  https://www.welivesecurity.com/es/.

For other useful preventative information, also available in Venezuela at: https://www.eset.com/ve/, and on their social media channels @eset_ve. Also on Instagram (@esetla)  and Facebook (ESET).

Information and image provided by ESET

Follow our news on Google! For current, interesting, and accurate information, click here to see all the content on Bitfinance.news. You can also find us on X/Twitter and Instagram

La entrada Malicious actors hunt and manipulate on the important LinkedIn network; we must protect ourselves apareció primero en Bitfinance.

In Latin America, the mobile landscape has very clear characteristics. The region concentrates many malware detections for Android, focusing on Mexico and Brazil, according to the latest ESET Threat Report. Unlike more northerly regions or Europe, Android is the most prevalent operating system by a significant margin. In line with what ESET, a leading company in proactive threat detection, observes globally, the phone is the primary device for most people, and recent devices coexist with models that no longer receive updates. According to the research group, this mix of high dependency, fragmentation, and outdated versions creates an environment where many malicious codes find space to proliferate. This is an issue we should all be aware of, whether we are basic and occasional users or advanced and active ones.

“In addition, many of the most effective distribution channels remain fully operational in the region. SMS or messaging campaigns with direct links, modified APKs shared outside of official stores, and applications that manage to enter legitimate stores with very few reviews or signs of real activity continue to be key vectors. This ecosystem facilitates both the circulation of known malware families and the constant emergence of new or unsophisticated variants that still manage to gain traction,” comments Martina Lopez, Cybersecurity Researcher at ESET Latin America.

ESET analyzes the 3 most frequently detected malware families in the region during 2025

Trojan.Android/Exploit.CVE-2012-6636: An old vulnerability that remains present in the mobile ecosystem because many Android applications continue to use legacy components. The flaw affects apps that use WebView with an insecure configuration and that were compiled with versions prior to Android 4.2. Even if the device is modern, the application may retain this vulnerable behavior. In this context, a malicious webpage loaded within the WebView itself can interact with the app’s internal code in ways that should not be possible, opening the door to the execution of unauthorized actions.

In the current mobile threat landscape, this exploit is not usually the focus of complex campaigns, but it does appear embedded in APKs distributed outside of official app stores or present in applications that no longer receive updates. Publicly available exploits exist for CVE-2012-6636, including modules embedded in frameworks like Metasploit, making it easy for malicious actors to use. Furthermore, it was reported as one of the most prevalent Android exploits in 2023, according to the ESET Security Report 2024.

Trojan.Android/Exploit.Lotoor: This is a family of privilege escalation exploits used for over a decade to gain root access on Android devices. It encompasses a set of techniques that abuse operating system vulnerabilities in various early versions of Android, especially flaws discovered between 2010 and 2013. Under this umbrella are exploits that take advantage of errors in drivers, system services, or memory management, allowing code to be executed with privileges higher than those of the application.

Its modules continue to reappear within malicious tools that seek to activate advanced functions such as uninstalling security apps, modifying internal configurations, or installing additional payloads. This is not the first time the research team has observed Lotoor in the top spots.

Trojan.Android/Pandora: This is malicious code linked to a variant of Mirai adapted for the Android ecosystem. It was first observed in 2023 within popular streaming applications in the region, especially on Android TV boxes and sticks commonly used to access unofficial content. In these cases, attackers distribute APKs that function as legitimate streaming apps but include a malicious component capable of turning the device into part of a botnet. In some models, modified firmware was even detected that came infected from the factory, amplifying the reach of the attack.

Once installed, Pandora maintains communication with a command and control server, receives instructions, and executes the typical capabilities of a Mirai-based botnet, with the focus on launching distributed denial-of-service attacks.

“This 2025 outlook shows us that Android threats continue to rely on well-known vectors and the lack of device and application updates, which keeps exploits and vulnerabilities that have been circulating for years alive. Even so, this doesn’t mean the risk is limited to the usual suspects. Less widespread, but equally relevant, threats also persist, such as banking trojans or fraudulent lending apps, which operate in a much more targeted way and seek a direct impact on the user’s finances. And, in parallel, emerging threats and increasingly innovative techniques are appearing, such as malware capable of cloning cards via NFC, reflecting a constantly evolving mobile ecosystem with a growing level of sophistication,” concludes Lopez from ESET Latin America.

In this context, protecting information and devices from these threats becomes vital.

ESET shares the following tips to avoid becoming a victim

• Keep your device updated and don’t use older versions of Android if an update is available.
• Install applications only from official stores or verified sources.
• Avoid APKs from unknown sources, even if they promise “premium” features or free content.
• Check permissions, developer activity, and the actual number of reviews before installing an app.
• Use reliable security solutions that detect exploits, Trojans, and anomalous behavior.
• Avoid disabling system protections and prevent the installation of unknown apps.
• Be wary of messages, links, or ads that promise quick access, discounts, or special features.

ESET invites you to learn more about cybersecurity by visiting: https://www.welivesecurity.com/es/.

For other useful preventative information, also available in Venezuela: https://www.eset.com/ve/, and on their social media channels @eset_ve. Also on Instagram (@esetla) and Facebook (ESET).

Bitfinance.news

(With information and images provided by ESET and Comstat Rowland)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram

La entrada Cybersecurity: The malware that most attacked Android smartphones apareció primero en Bitfinance.

Cybercriminals have found that using artificial intelligence allows them to enhance their scams, making their deceptions more realistic and harder to detect. Recently, fake videos have surfaced impersonating internationally renowned figures, such as Lionel Messi or the CEO of a major organization.  However, these scams also occur on a smaller scale, such as targeting a school principal in the United States. ESET, a leading proactive threat detection company, reviews some of the cases where deepfakes were the main tool used in scams that resulted in millions of dollars in losses or the compromise of sensitive information.

Deepfake is an artificial intelligence-based technique for synthesizing human images to create fake content from scratch, using existing videos or even just a still image. They are designed to replicate the appearance and voice of a real person.

“With the evolution of Artificial Intelligence, these videos and audio recordings seem increasingly real. Many exploit the image of public figures or well-known entities to say something false, as part of a scam that aims to obtain money or sensitive information,” says Camilo Gutiérrez Amaya, Head of the ESET Latin America Research Lab.

ESET compiled amazing, truly real, and recent cases

Lionel Messi: The Argentine football player is one of the most recognized personalities worldwide. In this case, cybercriminals exploited his popularity to carry out a deepfake scam, promoting an app that promised suspiciously high and irresistible earnings. The app in question was called “Wildcat Dive,” and in the fake video, Messi claimed it was one of his main sources of income and that it had helped many people earn money. Through advertisements on the social network Instagram, the cybercriminals distributed snippets of a fabricated interview, which was based on a real interview the footballer had given to a well-known Argentine streaming program.

Arup: In early 2024, the architectural firm that designed the Sydney Opera House and the Etihad Stadium, Arup, made headlines when a financial employee at the company’s Hong Kong office received a video call from (allegedly) the company’s CFO. The result of the meeting was 15 transfers totaling over $25 million. The bad news is that it was actually a deepfake, so the transfers had not been approved by anyone in the company.

Ferrari: In this case, cybercriminals attempted a deepfake voice scam, impersonating Benedetto Vigna, the CEO of the automotive company. In July 2024, using voice imitation, they tried to convince the company’s finance executives to make a large money transfer. One of the employees became suspicious and asked a question that the AI ​​used in the scam could not answer correctly. Not only did this attack fail, but it prompted Ferrari to reinforce its employee training to prevent similar scams in the future.

WPP: One of the world’s largest advertising companies was also the target of a scam attempt involving a deepfake. In mid-2024, cybercriminals used a fake WhatsApp account, a voice recording, and YouTube footage of a virtual meeting to impersonate the company’s CFO, Mark Read. The malicious actors organized a meeting via Microsoft Teams, under the pretext of creating a new company, and used this as a lure to obtain money and sensitive personal data from the company. According to WPP, this attack was unsuccessful thanks to the company’s vigilance and the training its employees received to detect these scams.

School in Baltimore: Not only high-profile companies are targeted by deepfakes. In this case, a school principal was heard making racist and antisemitic comments. The incident went viral (over 2 million views) and resulted in death threats against the educator. After an investigation, local police confirmed that the audio was a fake, manipulated with AI.

Elon Musk: A cryptocurrency investment scam used Elon Musk’s image to spread ads on X and YouTube, promoting supposed investment opportunities that promised high returns on Bitcoin. The ads included a link to a fraudulent website where unsuspecting users were asked to make initial deposits to participate in the alleged investment. According to the US Federal Trade Commission, the scam, which included deepfakes, resulted in losses of over $80 million for more than 7,000 victims who believed in the supposed investment.

President Zelensky: Politics was also affected by deepfake scams. In March 2022, during the conflict between Russia and Ukraine, a fake video circulated showing Ukrainian President Volodymyr Zelensky urging his troops to surrender. The president responded almost immediately with a genuine video posted on his official channels.

While deepfake scams are becoming increasingly realistic and difficult to detect, ESET shares some best practices to reduce the risk of falling victim to these types of scams

• Be wary of eye-catching advertisements that offer an opportunity for easy and unrealistic gains. Also be suspicious of those that feature well-known celebrities.
• Pay attention to the video quality: if there are visual glitches, poor synchronization, or low resolution, it is likely a deepfake.
• Use security software on all devices to help block fake websites and emails containing malicious content.
• For businesses, it is important to not authorize payments solely based on a phone call or video call. Consider using keywords or internal codes as an additional verification method.
• Continuous training is essential: being trained to recognize the warning signs of deepfakes and scams is another key practice.
• Take advantage of the tools currently available to detect deepfakes and combat misinformation.

ESET invites you to learn more about cybersecurity by visiting: https://www.welivesecurity.com/es/.

For additional useful preventative information, visit ESET’s website in Venezuela: https://www.eset.com/ve/, and follow them on social media @eset_ve. Also on Instagram (@esetla) and Facebook (ESET).

Information and images courtesy of ESET and Comstat Rowland

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram

La entrada ESET reports and summarizes 7 shocking real-life cases of scams using deepfakes apareció primero en Bitfinance.

Venezuelans attended Fitelven 2025 in person to learn about technological innovations in the broad field of telecommunications, cybersecurity, continuous training, and prevention, with presentations by, among other specialists and experts, Rafael Núñez Aponte, Director of Más Que Seguridad.

Núñez gave a masterclass on ransomware, emphasizing the importance of raising awareness and fostering a culture of security and protection. One of the topics that most captured the audience’s attention at this edition of the event was related to banking security and the protection of online transactions, with an emphasis on online users.

 

Ver esta publicación en Instagram

 

Una publicación compartida por Seguridad Informática (@masqueseguridad)

Más Que Seguridad (MQS) and Rafael Núñez participated in Fitelven 2025, interacted with the media and journalists, engaged with the public, congratulated the organizers, and commended the fair for its consolidation, as well as the various exhibitors for their positive growth.

 

Ver esta publicación en Instagram

 

Una publicación compartida por Seguridad Informática (@masqueseguridad)

Social media and contact: masqueseguridad

Coverage of Fitelven 2025 by EL SUMARIO media group

Video production: Jesús Ramírez / Ida Febres

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram

La entrada Cybersecurity was a key focus at Fitelven 2025 with MQS and Rafael Núñez apareció primero en Bitfinance.

Faced with financial doubts and concerns, it’s no surprise that people are looking for alternatives to make their money go further. This leads users with little investment experience to become interested and take their first steps. ESET, a leading company in proactive threat detection, warns that scammers are taking advantage of this curiosity or need with increasingly sophisticated scams on social media. It also warns that AI-powered scams produce fake ads, deepfakes, and promises of profits that seek to deceive even the most cautious users.

“Could you distinguish between a real investment ad and a fake one? It’s becoming increasingly difficult to do so. Threat actors today have various tactics to make their scams more credible, including deepfake videos generated with artificial intelligence. While there are many tactics, techniques, and procedures (TTPs) associated with this type of fraud, most begin with malicious or deceptive ads circulating on social media. They are often used as a lure to trick the victim, either into providing personal information or directly directing them to an investment scam,” says Camilo Gutiérrez Amaya, Head of the ESET Latin America Research Lab.

According to the FBI, investment scams have been the main source of income for cybercriminals for several years. At last count, they earned nearly $6.6 billion, and that’s just from crimes reported to the federal government. This figure dwarfs the $2.8 billion earned by the second-largest scam, business email compromise (BEC).

An example of this type of campaign was identified in June 2025, when Instagram ads impersonated legitimate banks. Some used tempting offers, such as high-interest accounts, in an attempt to persuade the victim to click and enter their banking information. In other cases, they used deepfake Instagram stories featuring banking investment strategists to collect personal information and/or lure them into WhatsApp groups about investment scams. A 2024 campaign spread a fake video of Lionel Messi to promote supposed investments through an app that promised high returns.

Also in 2024, ESET observed the Nomani Trojan campaign. The ad content and the phishing websites they linked to were designed to impersonate local news outlets and other organizations. Or, it could be a generic financial-themed visual with frequently changing names like “Quantum Bumex, Immediate Mator, or Bitcoin Trader.” Some of the characteristics of the Nomani campaign (and other similar campaigns) include:

• Highly localized content to attract specific regional victims.
• Distribution via fake ads on Facebook, Instagram, X, YouTube, as well as Messenger and Threads.
• Deepfake video testimonials potentially using celebrities, often displayed in low-quality videos and with unnatural keyword repetition.
• Use of fake and hacked accounts to run the ads (including, in one case, an actor with 300,000 followers).
• Shared templates and callbacks pointing to the same hosting infrastructure.

In this campaign, according to ESET, the intended objective is to persuade the victim to provide their personal information, which the scammers use to contact them directly. They use this method to trick them into signing up for an investment scam, taking out a loan, or even installing remote access software on their device. ESET observed a 335% increase in Nomani threats between H1 and H2 2024, and blocked more than 8,500 related domains.

While these techniques seem like clear indicators of fraud, they can be much more difficult to detect, especially if you are looking for opportunities to alleviate financial pressures. ESET states that the continued effectiveness of these types of scams, such as fraudulent financial ads, is due to the following:

• Times are tough, and the prospect of quick and easy financial gain is attractive.
• Attention spans are decreasing, especially on mobile devices, so warning signs may not be detected in time.
• Many people are unfamiliar with the latest threat TTPs, such as the use of deepfake videos, which makes them more vulnerable.
• Many of these threats are localized, use legitimate (hijacked) accounts, and can appear at the top of search results.
• Banks’ traditional anti-fraud mechanisms often don’t work if the manipulation is also carried out socially via telephone to invest in a fraudulent scheme.

Investment scams are very common, and ESET points out that it’s necessary to pay attention to these warning signs

• Flashy ads (which may leverage legitimate brands) offering returns that are too good to be true or unusually high interest rates.
• Celebrity endorsements are often the hook to give the product a certain legitimacy. Always check if the endorsement is legitimate.
• Videos that don’t look entirely right, for example, with visual glitches, poor audio and video synchronization, low resolution, or robotic or overly polished voices.
• Pressure to act quickly and secure the investment.
• Guaranteed return on investment.

They also advise staying alert to warning signs, resisting the temptation to click on ads about finance or investments, even if they appear to be promoted by legitimate brands and individuals, searching online for reviews of a specific investment plan or group to verify their authenticity, not investing in financial products without having thoroughly researched them and understanding how they work, ignoring any unsolicited third-party offers, never sharing personal and/or financial information after clicking on an online ad, and always checking the information circulated with the supposedly issuing entity through official channels. Finally, use security software on all your devices from a trusted provider like ESET, which will help block scams.

“In times of economic uncertainty, it’s understandable that we look for alternatives to improve our financial situation. But scammers are exploiting this very need with increasingly sophisticated tactics. Therefore, being wary of what’s easy, recognizing the warning signs, and protecting your personal data is essential to avoid falling for this type of scam,” concludes the ESET researcher. ESET invites you to learn more about cybersecurity by visiting:  https://www.welivesecurity.com/es/.

For other useful preventive information, it is also available in Venezuela:  https://www.eset.com/ve/, and on its social media channels @eset_ve. Also, available on Instagram (@esetla) and Facebook (ESET).

Bitfinance.News

With information and reference image provided by ESET and Comstat Rowland

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram

La entrada Investor scams on social media are on the rise with the help of artificial intelligence apareció primero en Bitfinance.