Source: The Hill
https://thehill.com/policy/technology/5596059-meta-scam-ads-revenue-leaked-documents/
- Meta expected to make billions in revenue from scam ads in 2024: Reuters
- Reuters found that 15B “higher risk” ads reached users each day
- A Meta spokesperson said the company aggressively fights fraud and scams
Social media giant Meta expected about 10 percent of its 2024 revenue, roughly $16 billion, to come from running ads for scams and banned goods, according to internal projections reported by Reuters.
The company, which owns Facebook, Instagram and WhatsApp, failed to identify and stop “an avalanche of ads” that exposed billions of users to “fraudulent e-commerce and investment schemes, illegal online casinos, and the sale of banned medical products,” according to the news wire.
Reuters cited a December 2024 document indicating Meta showed users an estimated 15 billion “higher risk” scam ads on average each day. Another internal document from late last year reportedly said the company earns about $7 billion in annualized revenue from such ads each year.
Other documents suggested Meta was slow to crack down even after becoming aware of the “scammiest scammers,” Reuters noted. Some big spenders — known internally as “High Value Accounts” — were able to accumulate more than 500 strikes without being shut down, the documents reportedly showed.
Source: The Register
https://www.theregister.com/2025/11/08/mozilla_fellow_al_shafei/
interview Digital rights activist Esra’a Al Shafei found FinFisher spyware on her device more than a decade ago. Now she’s made it her mission to surveil the companies providing surveillanceware, their customers, and their funders.”You cannot resist what you do not know, and the more you know, the better you can protect yourself and resist against the normalization of mass surveillance today,” she told The Register.
To this end, the Mozilla fellow founded Surveillance Watch last year. It’s an interactive map that documents the growing number of surveillance software providers, which regions use the various products, and the investors funding them. Since its launch, the project has grown from mapping connections between 220 spyware and surveillance entities to 695 today.
These include the very well known spy tech like NSO Group’s Pegasus and Cytrox’s Predator, both famously used to monitor politicians, journalists and activists in the US, UK, and around the world.
This illustrates another trend: It’s not just authoritarian countries using and investing in these snooping tools. In fact, America now leads the world in surveillance investment, with the Atlantic Council think tank identifying 20 new US investors in the past year.
…
More about
Source: Bucks County Beacon
https://buckscountybeacon.com/2025/11/always-watching-how-ices-plan-to-monitor-social-media-24-7-threatens-privacy-and-civic-participation/
When most people think about immigration enforcement, they picture border crossings and airport checkpoints. But the new front line may be your social media feed.U.S. Immigration and Customs Enforcement has published a request for information for private-sector contractors to launch a round-the-clock social media monitoring program. The request states that private contractors will be paid to comb through “Facebook, Google+, LinkedIn, Pinterest, Tumblr, Instagram, VK, Flickr, Myspace, X (formerly Twitter), TikTok, Reddit, WhatsApp, YouTube, etc.,” turning public posts into enforcement leads that feed directly into ICE’s databases.
The request for information reads like something out of a cyber thriller: dozens of analysts working in shifts, strict deadlines measured in minutes, a tiered system of prioritizing high-risk individuals, and the latest software keeping constant watch.
A new structure of surveillance – What would change isn’t only the scale of monitoring but its structure. Instead of government agents gathering evidence case by case, ICE is building a public-private surveillance loop that transforms everyday online activity into potential evidence.
Private contractors would be tasked with scraping publicly available data to collecting messages, including posts and other media and data. The contractors would be able to correlate those findings with data in commercial datasets from brokers such as LexisNexis Accurint and Thomson Reuters CLEAR along with government-owned databases. Analysts would be required to produce dossiers for ICE field offices within tight deadlines – sometimes just 30 minutes for a high-priority case.
The danger here is that when one person is flagged, their friends, relatives, fellow organizers or any of their acquaintances can also become subjects of scrutiny. Previous contracts for facial recognition tools and location tracking have shown how easily these systems expand beyond their original scope. What starts as enforcement can turn into surveillance of entire communities.
Meanwhile, ICE’s vendor ecosystem keeps expanding: Clearview AI for face matching, ShadowDragon’s SocialNet for mapping networks, Babel Street’s location history service Locate X, and LexisNexis for looking up people. ICE is also purchasing tools from surveillance firm PenLink that combine location data with social media data. Together, these platforms make continuous, automated monitoring not only possible but routine.
What’s new and why it matters now
What is genuinely new is the privatization of interpretation. ICE isn’t just collecting more data, it is outsourcing judgment to private contractors. Private analysts, aided by artificial intelligence, are likely to decide what online behavior signals danger and what doesn’t. That decision-making happens rapidly and across large numbers of people, for the most part beyond public oversight.
What accountability looks like – Transparency starts with public disclosure of the algorithms and scoring systems ICE uses. Advocacy groups such as the American Civil Liberties Union argue that law enforcement agencies should meet the same warrant standards online that they do in physical spaces. The Brennan Center for Justice and the ACLU argue that there should be independent oversight of surveillance systems for accuracy and bias. And several U.S. senators have introduced legislation to limit bulk purchases from data brokers.
[…]
Source: Android Headlines
https://www.androidheadlines.com/2025/11/digital-ids-the-future-of-identity-documents.html
In the evolving world of identity verification, few terms are as widely used or as broadly misunderstood as digital ID. For some, it means a secure login for accessing public services. For others, it’s a digital twin of a physical ID card that lives on a smartphone or smartwatch.Whatever the definition, one thing is clear: digital IDs are the next stage in the evolution of identity documentation. This transformation is already in progress. It can be guided, but it can no longer be stopped.
This article explores what digital IDs are, how they work, the security principles behind them, and how governments worldwide are embracing this technology.
Regula’s Global Study on Digital IDs
[…]
A true digital identity has three key features:
1. It exists purely in digital form.
2. It holds verified data that serves as official proof of identity.
3. It allows for secure authentication and authorization via a unique identifier.
A real-world example is the Digital Travel Credential (DTC) developed by the International Civil Aviation Organization (ICAO). A DTC converts data from a physical passport read via an NFC-enabled smartphone into a digital credential. Once verified, travelers can pass through airport gates using facial recognition alone, with no need to show their physical passport.
Just as physical IDs have holograms, MRZs, and UV features, digital IDs rely on encryption and cryptographic techniques to prevent tampering. They’re typically stored in digital wallets or secure mobile apps, which protect identity data and enable users to control how their information is shared.
Mobile Driver’s Licenses: A Stepping Stone – Mobile driver’s licenses (mDLs), used in countries such as Argentina and Mexico, share many characteristics with digital IDs. However, they’re typically local implementations rather than nationwide identity systems.
Governed by ISO/IEC 18013-5, mDLs use QR codes and digital signatures for secure, offline verification. While currently limited to transportation use, they lay the groundwork for broader digital identity adoption in the future.
Ultimately, the goal isn’t to replace physical IDs but to create a hybrid verification ecosystem, one that bridges the physical and digital worlds, ensuring convenience without compromising trust or security.
Subject: Google Raises Alert After VPN Spyware Apps Spread
Source: Android Headlines
https://www.androidheadlines.com/2025/11/google-raises-alert-after-vpn-spyware-apps-spread.html
Virtual Private Networks (VPNs) are often viewed as a way to protect digital identity by many. But in a turn of events, Google has issued a sharp alert that the cybercriminals are spearing apps that claim to be trustworthy VPN but are actually malware tools to steal data. The firm’s latest November 2025 fraud and scam advisory focuses on these digital prey.
Google issues alert as fake VPN apps hide spyware
According to Google’s November 2025 scam and fraud advisory, threat actors are disguising malware as VPN apps and browser extensions that appear legitimate at first. These fake services, or hidden malware, are known for impersonating popular VPN brands. They also use enticing advertisements to lure users into installing them.
Google has emphasized in its statement that even official app stores are not immune to these fake VPN apps. It’s very possible that the VPN you install to protect yourself could instead become a threat. The company also advises downloading VPN apps only from trusted sources, such as the official Google Play Store. Users must also look for apps that clearly carry a verified “VPN” badge.
Google also requests that users enable Play Protect and use the related alerts in Android that flag risky apps and permissions
Source: Phone Scoop
https://www.phonescoop.com/articles/article.php?a=23633
Apple is launching a new type of digital identification for iPhone (and Apple Watch) that it calls simply “Digital ID“. It is based on the user’s existing passport and can be used in place of a Real ID at TSA checkpoints for domestic travel. (It does not replace a passport for international travel.) “At launch, Digital ID acceptance will roll out first in beta at TSA checkpoints at more than 250 airports in the U.S. … with additional Digital ID acceptance use cases to come in the future.” Not all TSA checkpoints can accept this type of ID yet. Google’s Android already supports this unique type of ID — which they call “ID pass” — having announced it over a year ago. On both Android and iOS, the system works the same way: To set it up, you scan your passport with your phone’s camera, scan the NFC chip in the passport, and take a moving selfie to verify identity. To use it, just tap the NFC reader at the checkpoint and confirm the requested info to share with TSA. (Your phone stays in your hand.)
Subject: Don’t Get Tricked by Fake Amazon Reviews This Black Friday
Source: PCMag
https://www.bespacific.com/dont-get-tricked-by-fake-amazon-reviews-this-black-friday/
—
Abstracted from beSpacific
Copyright © 2025 beSpacific, All rights reserved.
Source: Android Headlines
https://www.androidheadlines.com/2025/11/google-drive-will-use-ai-to-turn-lengthy-pdfs-into-short-audio-summaries.html
Google Drive gets a new AI audio summaries feature, where Gemini can turn your lengthy documents into short audio summaries. Google says the summaries can range from two to ten minutes, depending on the length of the PDF file. Currently, the audio overviews are only available on the web version and only in English.
After the update, when you open a PDF file in Google Drive on the web, you will now see a new “Audio Overview” button in the toolbar. Tapping this will enable Drive to process the file and push out an audio summary.
Source: Android Headlines
https://www.androidheadlines.com/2025/11/google-lawsuit-text-sms-phishing-operations-lighthouse-smishing-triad.html
Google has sued the cybercriminal group behind “Lighthouse,” a phishing-as-a-service platform responsible for massive SMS scams impersonating brands like USPS and E-ZPass. The group allegedly compromised over 12 million US credit cards. Google filed the lawsuit under the RICO Act to dismantle the operation and reduce widespread fraud.
This organization, sometimes referred to as the “Smishing Triad,” provides its services through a platform dubbed “Lighthouse.” Google alleges that Lighthouse functions as a “phishing for dummies” toolkit. It allegedly offers a turnkey solution for cybercriminals. For a monthly fee, the platform provides hundreds of ready-made website templates and the infrastructure necessary to quickly launch large-scale campaigns. Google files lawsuit against group behind USPS and E-ZPass text scams.
The scale of the operation is significant. Google reports that Lighthouse has successfully targeted over a million victims across 120 countries. In the US alone, the criminal enterprise is estimated to have compromised anywhere between 12.7 million and 115 million credit card numbers. The scams often masquerade as urgent notifications from highly trusted brands. The list includes E-ZPass, the U.S. Postal Service (USPS), and even Google itself, preying on users’ trust.
What happens after a victim clicks a fraudulent link?
…
Google’s allegations – To dismantle the organization, Google is bringing claims under several key U.S. laws. The allegations include the Racketeer Influenced and Corrupt Organizations (RICO) Act and the Computer Fraud and Abuse Act (CFAA). The goal is not just to seek damages but to secure a court order that effectively shuts down the Lighthouse platform. This could greatly help prevent its continued proliferation…