Filipi Pires’ Post

🚨 𝐅𝐫𝐚𝐮𝐝 𝐏𝐫𝐞𝐯𝐞𝐧𝐭𝐢𝐨𝐧: 𝐓𝐨𝐨 𝐆𝐨𝐨𝐝 𝐭𝐨 𝐁𝐞 𝐓𝐫𝐮𝐞 🚨 By Petros Orphanides, CFA, ACA – Financial Literacy Committee Member, CFA Society Cyprus 𝐅𝐫𝐚𝐮𝐝 𝐢𝐬 𝐠𝐫𝐨𝐰𝐢𝐧𝐠 𝐟𝐚𝐬𝐭 — 𝐚𝐧𝐝 𝐢𝐭 𝐜𝐚𝐧 𝐡𝐚𝐩𝐩𝐞𝐧 𝐭𝐨 𝐚𝐧𝐲𝐨𝐧𝐞. 👉 In Cyprus, fraudulent transactions jumped by 34% in volume and 26% in value in the second half of 2024, costing approximately €3M.   From phishing and crypto scams to deepfakes and business email compromise, fraudsters use AI and new tech to deceive. 🔑 𝐏𝐫𝐨𝐭𝐞𝐜𝐭 𝐲𝐨𝐮𝐫𝐬𝐞𝐥𝐟: ✔ Stop & verify before paying ✔ Use 2FA ✔ Strong, unique passwords ✔ Monitor your accounts ✔ Avoid risky payments ✔ Stay alert to red flags 👥 𝐁𝐮𝐬𝐢𝐧𝐞𝐬𝐬𝐞𝐬: add dual approvals, fraud detection & email security. 💡𝑰𝒇 𝒊𝒕 𝒔𝒆𝒆𝒎𝒔 𝒕𝒐𝒐 𝒈𝒐𝒐𝒅 𝒕𝒐 𝒃𝒆 𝒕𝒓𝒖𝒆, 𝒊𝒕 𝒑𝒓𝒐𝒃𝒂𝒃𝒍𝒚 𝒊𝒔. 𝑺𝒕𝒂𝒚 𝒗𝒊𝒈𝒊𝒍𝒂𝒏𝒕. Click here to read article in Greek: https://lnkd.in/eS5wgjQF Click here to read article in English: https://lnkd.in/eGTNaJ5K   #FraudPrevention #FinancialLiteracy #CFASocietyCyprus #CyberSecurity

𝗣𝗹𝗲𝗮𝘀𝗲𝗱 𝘁𝗼 𝘀𝗵𝗮𝗿𝗲 𝗺𝘆 𝗹𝗮𝘁𝗲𝘀𝘁 𝗮𝗿𝘁𝗶𝗰𝗹𝗲 𝗳𝗼𝗿 𝗖𝗙𝗔 𝗦𝗼𝗰𝗶𝗲𝘁𝘆 𝗖𝘆𝗽𝗿𝘂𝘀. World Investor Week 2025 highlighted 𝗙𝗿𝗮𝘂𝗱 𝗮𝗻𝗱 𝗦𝗰𝗮𝗺 𝗣𝗿𝗲𝘃𝗲𝗻𝘁𝗶𝗼𝗻 as one of its key themes — a topic that’s becoming more relevant than ever as fraud continues to rise globally. We’re all at risk, so staying informed is the first step to protection. The article aims to raise awareness about current fraud trends and offers practical ways to protect yourself and your financial well-being. I hope it serves you as a helpful resource. You can find links to the article here: Click here to read article in Greek: https://lnkd.in/eS5wgjQF Click here to read article in English: https://lnkd.in/eGTNaJ5K #FraudPrevention #FinancialLiteracy #CFASocietyCyprus #CyberSecurity

Gartner predicts that by 2028, 20% of large enterprises will have adopted cyber-fraud fusion teams. Why? Because cybercrime and financial fraud are no longer separate. Ransomware, mule networks, and laundering schemes have become part of the same operations. Group-IB’s new Suspicious Payment Details module in Threat Intelligence is built for this reality. It delivers unique criminal payment intelligence to teams that handle fraud, AML, and compliance. ✅ IBANs, wallets, phone/email payment IDs ✅ Coverage across fiat, crypto, and alternative payment systems ✅ Attribution to ransomware groups, laundering schemes, and mule networks ✅ Seamless integration with existing fraud monitoring tools Read the full description in our new blog post: https://lnkd.in/g9_4rfbz #CyberFraud #ThreatIntelligence #FraudPrevention #CyberSecurity #Ransomware #FinancialFraud #PaymentSecurity #AMLCompliance #FightAgainstCybercrime

🚨 Chinese criminal organizations have generated over $1 billion through industrial-scale SMS phishing campaigns targeting American consumers, utilizing sophisticated US-based SIM farms and extensive money laundering networks. 📱 These operations deploy thousands of compromised SIM cards across American telecommunications infrastructure, sending an estimated 15.6 billion fraudulent text messages annually. The campaigns achieve a 2.3% success rate in capturing payment card data, with individual victims losing an average of $1,847 per successful breach. 🔍 Intelligence analysis reveals these gangs operate through distributed networks of money mules, processing stolen funds through 47 different cryptocurrency exchanges and traditional banking channels. The schemes specifically target mobile banking alerts and package delivery notifications, exploiting Americans' trust in SMS communications with a 73% open rate compared to 21% for suspicious emails. 💰 Financial institutions report a 340% increase in card-not-present fraud linked to these text-based attacks over the past 18 months. The gangs' sophisticated laundering infrastructure moves funds through an average of 8.2 financial intermediaries before converting to cryptocurrency, making recovery nearly impossible for victims. 🛡️ Security teams must prioritize SMS security awareness training and implement robust fraud detection systems that monitor for suspicious text-based credential harvesting attempts. The billion-dollar scale of these operations underscores why SMS phishing has become a critical attack vector requiring dedicated defensive strategies. #SMSPhishing #CyberCrime #ThreatIntelligence #FraudPrevention #InfoSec #CyberSecurity #MobileSecurity #FinancialCrime #MoneyLaundering #DataTheft source: https://lnkd.in/dTvabpQZ

🚨 Critical Vulnerability in the Russian Payment System I discovered a serious security flaw in one of the main payment platforms in Russia, similar to Visa or Mastercard. Through a detailed analysis of a bank's mobile app, I identified an SQL injection that allowed access to users' sensitive data and to perform unauthorized transactions without additional authentication. 🔍 🛡️ Discovery Steps - I analyzed the app's network traffic using tools like Burp Suite, revealing unprotected API endpoints. - I tested basic SQL payloads, confirming that the exposed database contained card information and balances. - I simulated fraudulent transactions in a controlled environment, demonstrating the potential impact on thousands of accounts. ⚠️ 🔒 Mitigation Measures and Responsibility I reported the vulnerability to the bank's security team responsibly, following the coordinated disclosure process. They patched the issue in less than 48 hours, avoiding a possible financial disaster. This case highlights the importance of validating inputs in APIs and using prepared statements in database queries. For more information, visit: https://enigmasecurity.cl If you're passionate about cybersecurity, consider donating to the Enigma Security community to continue supporting with more news: https://lnkd.in/evtXjJTA Connect with me on LinkedIn to discuss security topics: https://lnkd.in/g7abjNga! #Cybersecurity #Vulnerabilities #EthicalHacking #DigitalPayments #SQLInjection 📅 Sat, 27 Sep 2025 17:20:16 GMT 🔗Subscribe to the Membership: https://lnkd.in/eh_rNRyt

The numbers are undeniable: Africa's future is mobile-first! Sub-Saharan Africa alone is home to 1.1 Billion registered mobile money accounts, handling over $1.1 Trillion in transaction value last year. This isn't just payments; it’s economic empowerment. 📲🌍 But with this explosive growth comes an essential question for every financial institution and FinTech: How are you securing the mobile-first future? From user passwords to API security, risk has never been higher. At TACFIS 2025, we covered the frameworks needed to protect this digital revolution. Download the post-summit white paper for a deep dive into securing the next billion users. #MobileMoney #FinTechAfrica #FinancialInclusion #CyberSecurity #TACFIS2026

🚨 Critical Vulnerability in the Russian Payment System I discovered a serious security flaw in one of the main payment platforms in Russia, similar to Visa or Mastercard. Through a detailed analysis of a bank's mobile app, I identified an SQL injection that allowed access to users' sensitive data and to perform unauthorized transactions without additional authentication. 🔍 🛡️ Discovery Steps - I analyzed the app's network traffic using tools like Burp Suite, revealing unprotected API endpoints. - I tested basic SQL payloads, confirming that the exposed database contained card information and balances. - I simulated fraudulent transactions in a controlled environment, demonstrating the potential impact on thousands of accounts. ⚠️ 🔒 Mitigation Measures and Responsibility I reported the vulnerability to the bank's security team responsibly, following the coordinated disclosure process. They patched the issue in less than 48 hours, avoiding a possible financial disaster. This case highlights the importance of validating inputs in APIs and using prepared statements in database queries. For more information, visit: https://enigmasecurity.cl If you're passionate about cybersecurity, consider donating to the Enigma Security community to continue supporting with more news: https://lnkd.in/er_qUAQh Connect with me on LinkedIn to discuss security topics: https://lnkd.in/e56qXi9n! #Cybersecurity #Vulnerabilities #EthicalHacking #DigitalPayments #SQLInjection 📅 Sat, 27 Sep 2025 17:20:16 GMT 🔗Subscribe to the Membership: https://lnkd.in/eh_rNRyt

Authorities Dismantle Global Cybercrime-as-a-Service Operation European authorities, in coordination as SIMCARTEL, have dismantled a significant cybercrime-as-a-service operation. This action involved renting telephone numbers via 1,200 SIM-box devices, powering active SIM cards across over 80 countries. The operation aimed to facilitate a wide range of illicit activities globally. The coordinated October 10 operation resulted in seven arrests, 26 searches, and the seizure of five servers and 40,000 active SIM cards. Financial assets frozen include 431,000 EUR and 333,000 USD in cryptocurrency. Investigators linked the network to thousands of fraud cases and the creation of nearly 49 million online accounts. This takedown significantly disrupts a major enabler of various cybercrimes, including phishing, smishing, and investment fraud. The global reach and sophisticated infrastructure of this service posed a persistent threat to individuals and organizations. It underscores the critical importance of international law enforcement cooperation in combating organized cybercrime. • Strengthen international law enforcement cooperation. • Enhance global efforts against cybercrime-as-a-service. • Promote robust identity and account verification. • Advocate for stronger cross-border legal frameworks. • Analyze the evolving threat of SIM-based fraud.

As a fraud professional , I closely monitor the evolving landscape of fraud schemes, especially the recent surge of activity on the dark web that demands the attention of every financial institution. In my observations, several noteworthy trends are gaining prominence: - Synthetic Identity Kits: Fraudsters are now offering comprehensive "starter packs" containing Social Security Numbers, Dates of Birth, and credit profiles, streamlining the creation of synthetic identities. These kits often come with instructions on establishing credit history through minor trade lines. - Phishing-as-a-Service (PhaaS): The realm of phishing has expanded beyond individual hackers to encompass entire service models. These services enable the effortless launch of professional-grade phishing campaigns complete with templates, hosting, and even dedicated "customer support." - Deepfake Verification Bypass Tools: With the increasing emphasis on Know Your Customer (KYC) protocols involving selfie verification, fraudsters are utilizing deepfake technology to replicate authentic customer faces seamlessly in real-time, making detection more challenging. - Crypto Cash-Out Networks: Fraudsters are innovatively maneuvering stolen funds into cryptocurrency and back into fiat currencies via Over-The-Counter (OTC) brokers and globally operating mule accounts. These emerging trends underscore the critical need for collaborative efforts across various teams - from fraud, Anti-Money Laundering (AML), compliance, to cybersecurity. Swift information sharing among these departments is essential to outpace the adaptability of malicious actors. For professionals engaged in fraud prevention or risk management, what trends have you recently encountered? Let's engage in a knowledge exchange to ensure we are well-informed and proactive in staying ahead of evolving threats. #FraudPrevention #FinancialCrime #DarkWeb #AML #CyberSecurity #RiskManagement #FraudInvestigation

Europol has dismantled a major global SIM farm network that powered nearly 49 million fake online accounts, exposing the growing sophistication of cybercrime-as-a-service (CaaS) operations. The coordinated action — Operation SIMCARTEL — involved agencies from Austria, Estonia, Finland, and Latvia, working with Europol and Eurojust. It led to seven arrests, 26 property searches, and the seizure of 1,200 SIM boxes containing about 40,000 active SIM cards. Two domains, GoGetSMS[.]com and APISIM[.]com, were shut down and replaced with official seizure notices. Authorities also froze €431,000 in bank funds and €266,000 in crypto assets, along with four luxury vehicles. The criminal network is linked to over 3,000 cyber fraud cases in Austria and Latvia, causing total losses exceeding €5 million. The dismantled platform sold access to temporary phone numbers from over 80 countries, enabling users to register fake accounts on social networks, messaging apps, and trading platforms. These accounts were later used for phishing, smishing, investment scams, and even child exploitation. What made this case remarkable is its business-like structure: the network advertised online, offered “passive income” to SIM card owners, and marketed its tools as “secure” services. This shows how cybercrime has evolved into a service economy — scalable, automated, and disturbingly professional. As Europol noted, the infrastructure was technically advanced and operated globally, giving criminals a toolset to hide identities, launder data, and commit cross-border crimes. Cybercrime is evolving faster than ever, but so are our defenses. 👉 Don’t get pwned — get informed. #Cybersecurity #Compliance #Europol #Fintech #Cybercrime #FraudPrevention #RiskManagement #DigitalIdentity #AML #DataProtection