Source: Malwarebytes Blog
https://www.malwarebytes.com/blog/news/2026/04/fake-captcha-scam-turns-a-quick-click-into-a-costly-phone-bill
Researchers have documented a long‑running campaign that uses fake CAPTCHA pages to trick mobile users into sending dozens of international SMS messages in the background.
If you’ve spent any time on today’s web, CAPTCHAs may seem like background noise: click a few traffic lights, prove you’re human, move on. Something scammers have learned to abuse in ClickFix campaigns where they lure victims into infecting their own machines.
Recently, though, researchers found a twist where “prove you’re human” quietly turns into “run up an international phone bill.” The research describes an International Revenue Share Fraud (IRSF) campaign. IRSF, also known as SMS pumping fraud, abuses the complex pricing structures of international calls and SMS traffic to generate revenue by inflating message volume to particular destinations.
Instead of installing malware on the victim’s device, the scam exploits how telecom billing and affiliate networks work, turning ordinary web traffic into premium SMS revenue for cybercriminals…
Source: The Register
https://www.theregister.com/2026/05/04/uk_online_safety_act_age_checks_subvert/
It’s been months since the UK government began requiring stronger age checks under the Online Safety Act, and recent research suggests those measures are falling short of keeping kids away from harmful content. In some cases, even drawing on a mustache has been reported as enough to fool age detection software.
Like keeping booze away from teenagers or nudie mags out of the hands of young lads, slapping a big “restricted, 18+” label on parts of the internet hasn’t stopped kids testing the limits. Those limits, according to UK online safety group Internet Matters, are easy to sidestep.
The group surveyed over 1,000 UK children and their parents, and while it did report some positive effects from changes made under the OSA, many children saw age verification as an easy-to-bypass hurdle rather than something that kept them genuinely safe.
…
More about
Source: Nextgov/FCW
https://www.nextgov.com/artificial-intelligence/2026/05/trump-admin-floats-policy-language-limiting-contractor-say-agency-uses-technology/413337/
Ongoing drafts of policy documents feature language that would limit the private sector’s ability to dictate how their artificial intelligence models are used in government missions, according to sources familiar with their development.
The federal government is circulating draft policy documents that contain language clarifying the government’s ability to use private sector technology without outside stipulations for how they do so, two sources familiar with their development told Nextgov/FCW.
While it remains unclear if the language being passed between various government agencies — namely the Department of Defense and components of the Trump administration — will manifest into an executive order or finalized policy, that language centers on ensuring the government has control over how its acquired technology products are used.
One source familiar with the ongoing development told Nextgov/FCW that the goal of the language is to clarify that “it is for that democratically elected government to determine what is a lawful and appropriate use of a particular technology, not solely a company.”
The Trump administration’s efforts to refine the government’s rights when licensing private sector AI models and systems follow a dispute between Anthropic and the Department of Defense over using the company’s AI products in autonomous weaponry and domestic surveillance.
…
Topics:
Source: WTAE
https://www.wtae.com/article/social-media-scams-costing-billions/71217696
WASHINGTON — American consumers lost a total of $2.1 billion to scams on social media last year, according to the Federal Trade Commission’s latest Consumer Sentinel Network report.That’s eight times more than what consumers lost in 2020. Social media is becoming a preferred contact method for scammers, according to the FTC. Nearly 30% of individuals who reported losing money to scams said it began on social media.
The social media platform with the highest reported monetary losses was Facebook, with Americans losing $794 million to scams that began on that platform. That’s more than what people lost to text or email scams. WhatsApp was nearly half of Facebook at $425 million and Instagram was $234 million.
It’s not just online shopping scams that are tricking people. Investment scams that began on social media caused the biggest reported losses at $1.1 billion. These scams often claim to teach individuals how to invest or pose as friendly financial advisors.
Learn more about how to spot, avoid, and report scams by visiting ftc.gov/scams.
Source: WTAJ
https://www.wtaj.com/news/regional-news/pa-rep-proposing-regulations-on-how-data-from-license-plate-readers-is-used/
PENNSYLVANIA (WTAJ) — Citing privacy concerns for drivers, a state Representative is proposing legislation that would regulate how automated license plate readers and the data that is pulled are used.
Automated license plate readers are typically used by law enforcement officials and allow these agencies to check data pulled from the read license plate against numerous public databases for information. Representative Jennifer O’Mara (D-Delaware) proposes that while it is a useful tool, no regulations currently exist, which presents concerns about Pennsylvania drivers’ data privacy.
She now hopes to protect that privacy by restricting how the data can and cannot be used.
“With no laws or regulations in force, there is nothing to prevent any collected data from being shared, sold, or used for unlawful and inappropriate purposes. Pennsylvania’s motorists deserve the peace of mind in knowing that their private information is actually being kept private,” O’Mara wrote in a memo to fellow House members.
“With no laws or regulations in force, there is nothing to prevent any collected data from being shared, sold, or used for unlawful and inappropriate purposes. Pennsylvania’s motorists deserve the peace of mind in knowing that their private information is actually being kept private,” O’Mara wrote in a memo to fellow House members.
To follow along with the progress of the legislation, click here.
Subject: Warning: Be Careful of Mysterious Empty White Envelopes From Dave Garza
Source: Cord Cutters News
https://cordcuttersnews.com/warning-be-careful-of-mysterious-empty-white-envelopes-from-dave-garza/
The primary goal of a brushing scam is to manipulate the rating systems of major e-commerce platforms like Amazon, Walmart, and eBay. By sending a package to a real address and having it marked as delivered by a carrier, the sender is able to create a verified buyer profile. This status allows the scammer to post fake, glowing reviews under the recipient’s name. These fabricated testimonials serve to artificially inflate the product’s search rankings and overall credibility, which the sellers hope will eventually entice legitimate customers into making real purchases.
Experts recommend that anyone who receives these unsolicited items take immediate steps to secure their identity. This includes monitoring credit reports for unusual activity, updating passwords for online shopping accounts, and setting up transaction alerts for all credit cards and bank accounts. If a package appears to be linked to a specific online retailer, the recipient should contact that company to report the unauthorized delivery and request the removal of any fake reviews associated with their name. While federal law allows recipients to keep any physical items they receive in the mail for free, the underlying threat to digital privacy remains a serious concern for consumers nationwide…
Subject: Meta and TikTok Are Getting Your Data From State Healthcare Sites: Report
Source: Gizmodo
https://gizmodo.com/meta-and-tiktok-are-getting-your-data-from-state-healthcare-sites-report-2000754335
Gizmodo: “Most people are well aware at this stage that their activity is being observed on just about every website and platform they visit. But if there is only one place you would hope might be free of invasive trackers, it’d be healthcare exchanges operated by state governments. Don’t get those hopes up. According to a report from Bloomberg, all 20 state-run healthcare marketplaces include advertising trackers that share information with Big Tech companies. Per the report, seven million Americans bought their health insurance through state exchanges in 2026, and many of them may have had personal information shared with companies, including Meta, TikTok, Snap, Google, Nextdoor, and LinkedIn, among others. Some of the data collected and shared with those companies included ZIP codes, a person’s sex and citizenship status, and race…”