恶意利用与网络犯罪

数据批次: 0 新闻区域: 国际新闻 新闻数量: 12

链接: https://www.bloomberg.com/news/newsletters/2025-10-17/trump-leans-on-familiar-dealmaking-formula-with-xi-and-putin

类别: Newsletter Washington Edition

日期: 2025-10-18

主题: 特朗普的交易式外交策略与AI技术在监控及恶意利用中的应用

新闻主要报道了美国前总统特朗普在处理与中国和俄罗斯关系时，倾向于采用其标志性的交易式外交策略，即先施压后寻求面对面谈判以达成协议。文章以其对华关税威胁和与习近平会晤的反复，以及对俄乌冲突中对乌克兰提供武器的模糊态度为例。此外，新闻还提及了美国移民和海关执法局扩大监控能力（包括面部识别技术），以及警方警告有人利用AI生成图片进行恶作剧欺骗亲友等其他事件。

新闻在“Seen Elsewhere”部分明确提及了“Immigration and Customs Enforcement has been expanding its surveillance capability by buying technology including facial recognition”，其中“facial recognition”（面部识别）是AI技术的一种应用，涉及“社会影响与伦理风险”（隐私泄露）。同时，该部分还提到“people use AI-generated images to trick friends and relatives”，其中“AI-generated images”（AI生成图片）属于AI的“恶意利用与网络犯罪”范畴（诈骗/恶意工具）。因此，该新闻具有高价值。

Trump Leans on Familiar Dealmaking Formula With Xi and Putin In this Article This is Washington Edition, the newsletter about money, power and politics in the nation’s capital. Today, White House correspondent Lauren Dezenski looks at the president’s drive to strike a deal. Sign up here. Email our editors here. The Playbook There’s one throughline in President Donald Trump’s strategies for his biggest foreign policy challenges: Let’s make a deal. Take China. If there was any question whether Trump’s latest tariff broadside against Beijing was more negotiating ploy than firm policy, the president answered this morning. ″It’s not sustainable,” Trump said of his threatened 145% tariffs on goods from the world’s second-biggest economy. “It could stand, but they forced me to do that,” he added in an interview with Fox Business. He later also dialed back on a veiled threat in a Truth Social post last week to cancel a meeting with Chinese President Xi Jinping at a meeting of Asia-Pacific leaders later this month. “We’d like to meet,” Trump said about Xi during a meeting this afternoon with Ukrainian President Volodymyr Zelenskiy at the White House. Read More: US-China Trade Talks Seen Next Week as Trump Plays Down Tariffs That was all very soothing to Wall Street, where fears about a new tit-for-tat trade war between Washington and Beijing had triggered sharp market swings. Trump’s hunger for dealmaking also is likely to have him heading to Budapest for a meeting with Russian President Vladimir Putin in the coming weeks. He announced that plan a day before his face-to-face discussions with Zelenskiy, which the Ukrainians had hoped would result in the US providing the country with Tomahawk missiles. Getting the weaponry, which could reach deep inside Russian territory, is seen as a way to escalate pressure on Putin to negotiate an end to his war against Ukraine. Trump, though, was noncommittal. Trump is reading from a familiar script with both Russia and China: threaten a major escalation, dial back and count on a face-to-face meeting to close the deal. However, Trump’s dealings with Xi have yet to result in a firm resolution of the ongoing trade disputes, and he left his last meeting with Putin empty-handed. Asked whether Putin was just stalling him, the author of The Art of the Deal gave an answer that could apply to both situations. “I’ve been played all my life by the best of them and I came out really well,” Trump said. “I think that I’m pretty good at this stuff. I think he wants to make a deal.” Don’t Miss Trump asked the Supreme Court to let him immediately deploy National Guard troops in Chicago after a federal appeals court refused the administration’s request. Former national security adviser John Bolton pleaded not guilty at a Maryland federal courthouse to charges in an 18-count indictment alleging that he mishandled classified materials. Trump said the US military struck a submarine designed for drug trafficking, amid reports that some aboard the vessel had survived — a first in the administration’s offensive against purported narco-traffickers. White House officials are meeting with the leaders of several colleges that have yet to respond to the Trump administration’s proposed preferential funding compact, as well as with representatives of additional schools. The Federal Reserve is ready to cut interest rates again this month, because right now a weakening job market outweighs inflation fears. But that balance may not hold for very long. Credit-card purchases in the US have increasingly been driven by borrowers with high scores, as less creditworthy consumers cut back on spending, a report from the Federal Reserve Bank of Philadelphia shows. Trump refiled a streamlined version of his $15 billion defamation lawsuit against the New York Times, stripping out the “repetitive,” “superfluous” and “florid” language that resulted in a federal judge tossing it out last month. The world’s shipping regulator postponed a decision on adopting a landmark charge on vessel emissions, a shock move that highlights the Trump administration’s efforts to disrupt international climate diplomacy. Among the impacts of the government shutdown is delayed release of new craft beers, wines and exotic spirits, like a new chocolate and peanut butter flavored whiskey, that need Treasury Department approvals. Watch & Listen Today on Bloomberg Television’s Balance of Power early edition at 1 p.m., host Joe Mathieu interviewed Ben Jensen, senior fellow for the Defense and Security Department at the Center for Strategic and International Studies, about Ukraine’s request for US Tomahawk missiles. On the program at 5 p.m., Joe and Julie Fine talk with retired Lieutenant Colonel Alexander Vindman, a former director for European Affairs at the National Security Council, about the Zelenskiy meeting and Trump’s plan for a second summit with Putin. On the first episode of The Mishal Husain Show, a new podcast from Bloomberg Weekend, Mishal is joined by Canadian Prime Minister Mark Carney, who talks about trade battles, Putin’s miscalculations and what he’s learned from Trump. Make sense of the world with one essential conversation every weekend with The Mishal Husain Show, available on Apple, Spotify or wherever you get your podcasts. Chart of the Day Next Friday, the Bureau of Labor Statistics will release the September consumer price data that have been delayed by the government shutdown. Those data are important to central bankers, government policymakers and private businesses, but there’s only one constituency important enough to bring 123 furloughed BLS employees back to work: Social Security recipients. The Social Security Administration needs the CPI data to compute the annual cost-of-living adjustment — specifically, the year-over-year increase in the third-quarter consumer price index for urban wage earners and clerical workers, or CPI-W. Independent estimates from the American Association of Retired Persons and the Senior Citizens League see a 2.7% increase in benefits starting in January — just a little more than last year’s COLA. Other major BLS data releases remain paused. — Gregory Korte What’s Next Existing home sales for September will be reported by the National Association of Realtors on Oct. 23. The delayed consumer price index for September is set to be released on Oct. 24. The University of Michigan’s final read of consumer sentiment for the month will be released Oct. 24. The summit of the Association of Southeast Asian Nations opens Oct. 26 in Malaysia. The Federal Reserve’s rate-setting committee meets Oct. 28-29. The Asia-Pacific Economic Cooperation leaders summit opens Oct. 31. Seen Elsewhere

恶意利用与网络犯罪

链接: https://www.foxnews.com/tech/north-korean-hackers-use-ai-forge-military-ids

类别: tech

作者: Kurt Knutsson, CyberGuy Report

日期: 2025-09-27

主题: 生成式AI被恶意利用于国家支持的网络攻击和间谍活动

新闻指出，朝鲜黑客组织Kimsuky利用ChatGPT等生成式AI工具伪造韩国军事ID，并用于网络钓鱼邮件，冒充韩国国防机构进行间谍活动。文章还提到，中国黑客也利用Claude和ChatGPT进行网络攻击，包括针对越南电信、农业系统和政府数据库，以及生成密码暴力破解脚本和制造旨在煽动政治分裂的虚假社交媒体帖子。专家警告，AI极大地降低了复杂网络攻击的门槛，使得伪造文件、自动化攻击和钓鱼诈骗更具说服力，传统安全防御措施已不足以应对。

它直接涉及“人工智能 (AI)”技术被“恶意利用”于“网络犯罪”和“政治与意识形态安全”领域。具体事实包括：朝鲜黑客组织Kimsuky“利用ChatGPT伪造军事ID”进行“间谍活动”；中国黑客利用Claude和ChatGPT作为“全栈网络攻击助手”，针对“政府数据库”和“国防网络”；以及利用AI“生成虚假社交媒体帖子”以“煽动政治分裂”。这些都明确符合高价值标准中“恶意利用与网络犯罪”和“政治与意识形态安全”的定义，如“自动化攻击”、“诈骗”、“钓鱼”、“深度伪造”和“制造针对国家安全的虚假信息”。

A North Korean hacking group, known as Kimsuky, used ChatGPT to generate a fake draft of a South Korean military ID. The forged IDs were then attached to phishing emails that impersonated a South Korean defense institution responsible for issuing credentials to military-affiliated officials. South Korean cybersecurity firm Genians revealed the campaign in a recent blog post. While ChatGPT has safeguards that block attempts to generate government IDs, the hackers tricked the system. Genians said the model produced realistic-looking mock-ups when prompts were framed as "sample designs for legitimate purposes." Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter Kimsuky is no small-time operator. The group has been tied to a string of espionage campaigns against South Korea, Japan and the U.S. Back in 2020, the U.S. Department of Homeland Security said Kimsuky was "most likely tasked by the North Korean regime with a global intelligence-gathering mission." Genians, which uncovered the fake ID scheme, said this latest case underscores just how much generative AI has changed the game. "Generative AI has lowered the barrier to entry for sophisticated attacks. As this case shows, hackers can now produce highly convincing fake IDs and other fraudulent assets at scale. The real concern is not a single fake document, but how these tools are used in combination. An email with a forged attachment may be followed by a phone call or even a video appearance that reinforces the deception. When each channel is judged in isolation, attacks succeed. The only sustainable defense is to verify across multiple signals such as voice, video, email, and metadata, in order to uncover the inconsistencies that AI-driven fraud cannot perfectly hide," Sandy Kronenberg, CEO and Founder of Netarx, a cybersecurity and IT services company, warned. HACKER EXPLOITS AI CHATBOT IN CYBERCRIME SPREE North Korea is not the only country using AI for cyberattacks. Anthropic, an AI research company and the creator of the Claude chatbot, reported that a Chinese hacker used Claude as a full-stack cyberattack assistant for over nine months. The hacker targeted Vietnamese telecommunications providers, agriculture systems and even government databases. According to OpenAI, Chinese hackers also tapped ChatGPT to build password brute-forcing scripts and to dig up sensitive information on US defense networks, satellite systems and ID verification systems. Some operations even leveraged ChatGPT to generate fake social media posts designed to stoke political division in the US. Google has seen similar behavior with its Gemini model. Chinese groups reportedly used it to troubleshoot code and expand access into networks, while North Korean hackers leaned on Gemini to draft cover letters and scout IT job postings. GOOGLE AI EMAIL SUMMARIES CAN BE HACKED TO HIDE PHISHING ATTACKS Cybersecurity experts say this shift is alarming. AI tools make it easier than ever for hackers to launch convincing phishing attacks, generate flawless scam messages, and hide malicious code. "News that North Korean hackers used generative AI to forge deepfake military IDs is a wake-up call: The rules of the phishing game have changed, and the old signals we relied on are gone," Clyde Williamson, Senior Product Security Architect at Protegrity, a data security and privacy company, explained. "For years, employees were trained to look for typos or formatting issues. That advice no longer applies. They tricked ChatGPT into designing fake military IDs by asking for 'sample templates.' The result looked clean, professional and convincing. The usual red flags — typos, odd formatting, broken English — weren't there. AI scrubbed all that out." "Security training needs a reset. We need to teach people to focus on context, intent and verification. That means encouraging teams to slow down, check sender info, confirm requests through other channels and report anything that feels off. No shame in asking questions," Williamson added. "On the tech side, companies should invest in email authentication, phishing-resistant MFA and real-time monitoring. The threats are faster, smarter and more convincing. Our defenses need to be too. And for individuals? Stay sharp. Ask yourself why you’re getting a message, what it’s asking you to do and how you can confirm it safely. The tools are evolving. So must we. Because if we don’t adapt, the average user won’t stand a chance." HOW AI CHATBOTS ARE HELPING HACKERS TARGET YOUR BANKING ACCOUNTS Staying safe in this new environment requires both awareness and action. Here are steps you can take right now: If you get an email, text or call that feels urgent, pause. Verify the request by contacting the sender through another trusted channel before you act. At the same time, protect your devices with strong antivirus software to catch malicious links and downloads. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at CyberGuy.com/LockUpYourTech Reduce your risk by scrubbing personal information from data broker sites. These services can help remove sensitive details that scammers often use in targeted attacks. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com/DeleteGet a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan Look at the email address, phone number or social media handle. Even if the message looks polished, a small mismatch can reveal a scam. Turn on multi-factor authentication (MFA) for your accounts. This adds an extra layer of protection even if hackers steal your password. Update your operating system, apps and security tools. Many updates patch vulnerabilities that hackers try to exploit. If something feels off, report it to your IT team or your email provider. Early reporting can stop wider damage. Ask yourself why you are receiving the message. Does it make sense? Is the request unusual? Trust your instincts and confirm before taking action. AI is rewriting the rules of cybersecurity. North Korean and Chinese hackers are already using tools like ChatGPT, Claude, and Gemini to break into companies, forge identities, and run elaborate scams. Their attacks are cleaner, faster, and more convincing than ever before. Staying safe means staying alert at all times. Companies need to update training and build stronger defenses. Everyday users should slow down, question what they see, and double-check before trusting any digital request. Do you believe AI companies are doing enough to stop hackers from misusing their tools or is the responsibility falling too heavily on everyday users? Let us know by writing to us at CyberGuy.com/Contact Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter Copyright 2025 CyberGuy.com.  All rights reserved.

恶意利用与网络犯罪

链接: https://www.theguardian.com/world/2025/dec/16/gulf-clan-colombia-us-terrorist-organization

类别: World news

作者: Tiago Rogero

日期: 2025-12-16

主题: 美国将哥伦比亚“海湾帮”列为恐怖组织；哥伦比亚禁毒战中的自主无人潜艇威胁；美哥关系紧张。

美国已将哥伦比亚最大的贩毒集团“海湾帮”列为外国恐怖组织。该组织在哥伦比亚多地活跃，控制贩毒和人口走私路线，并曾试图将自身包装成政治运动。新闻还指出，哥伦比亚在禁毒战中面临“自主贩毒无人潜艇”的新威胁。此举加剧了美国与哥伦比亚总统佩特罗之间的紧张关系，双方近期就禁毒政策和军事行动多有摩擦。

它明确提到了“自主贩毒无人潜艇”这一新威胁。这符合高价值标准中关于“恶意利用与网络犯罪”的描述，即利用AI或自动化技术开发“恶意工具”进行非法活动，对国家安全和执法构成潜在威胁。

The US has designated the Gulf Clan, Colombia’s largest and most powerful illegal armed criminal group, as a foreign terrorist organisation. The notorious drug-trafficking militia with its roots in far-right paramilitary forces, is present in at least 20 of Colombia’s departments, and dominates people- and drug-smuggling routes through the Darién Gap. It has also battled unsuccessfully against leftwing rebels for control of criminal networks along the Venezuelan border. In recent years, the group has attempted to present itself as a political movement similar to Colombian insurgent factions groups, which would grant it different conditions at peace talks, but it is not widely considered to have concrete political aims. Colombia identifies new threat in drug war: the autonomous narco drone sub In a statement on Tuesday, the US secretary of state, Marco Rubio, described the Gulf Clan – which calls itself the Gaitanist Self-Defense Forces of Colombia (AGC) – as a “violent and powerful criminal organisation with thousands of members” whose “primary source of income is cocaine trafficking, which it uses to fund its violent activities”. Although other criminal groups in Colombia – the world’s leading cocaine-producing country – have been designated as terrorist groups in the past, Tuesday’s ruling marks the first under the current administration of Donald Trump, which has targeted six cartels in Mexico and two in Venezuela. The move is likely to exacerbate tensions between Trump and Colombia’s president, Gustavo Petro, who strongly opposes the US president’s pressure campaign against Venezuela and the deadly airstrikes that have killed more than 90 people off the coasts of both countries in the Pacific and the Caribbean. The two leaders have traded public barbs for weeks. After warning that any country producing narcotics was a potential target – and singling out Colombia – Trump said last week that Petro “is going to have himself some big problems if he doesn’t wise up”. Petro, in turn, warned Trump to “not wake the jaguar” with threats of military action. The US has used its so-called war on drugs to justify the strikes on boats it alleges are ferrying drug shipments. Petro has described the attacks a “murder”. Early on Tuesday, the US Southern Command said it had carried out new strikes on three vessels near Colombia’s Pacific coast, killing eight people. Other Colombian criminal organisations have been featured on the US foreign terrorist organisations list for years, including the National Liberation Army (ELN) and dissident factions of the Revolutionary Armed Forces of Colombia (Farc) that took up arms again after the 2016 peace agreement. Some Colombian officials hoped that the Gulf Clan might be weakened by the capture and extradition to the US of its main leader in 2022. Instead, the group unleashed a campaign of terror, assassinating police officers and local leaders and holding large swaths of the country hostage. The Gulf Clan is now engaged in halting talks with the government but is considered the main obstacle to Petro’s stumbling “total peace” plan to end the country’s many-sided armed conflict.

恶意利用与网络犯罪

链接: https://www.foxnews.com/tech/from-friendly-text-financial-trap-new-scam-trend

类别: tech

作者: Kurt Knutsson, CyberGuy Report

日期: 2025-10-23

主题: 利用社交工程和AI生成资料的新型投资诈骗

新闻揭示了一种新型诈骗趋势，诈骗者通过友好的短信对话建立信任，然后诱骗受害者（尤其是老年人）参与虚假的黄金交易投资（如WEEX平台）。诈骗者利用个人魅力、虚假身份（包括AI生成资料）和紧迫感，诱导受害者投入资金，一旦资金转出便难以追回。文章强调了识别诈骗迹象、保护个人信息以及在受骗后及时举报的重要性。

它直接涉及“人工智能”技术被“恶意利用”于“诈骗”活动。正文明确指出“诈骗者有时会使用被盗照片、AI生成资料或虚假身份来建立可信度”，这符合高价值标准中“恶意利用与网络犯罪”维度下的“诈骗”行为。此外，新闻提及诈骗目标是“老年人尤其容易受害”，这触及了“社会影响与伦理风险”维度，即AI技术可能引发的社会问题和信任危机。

It starts with something small, a text that feels oddly familiar. Maybe it says, "Hey, how are you?" or "Are you coming to the BBQ?" Before you know it, you're in a friendly back-and-forth with someone who seems genuine. But soon, that casual conversation takes a sharp turn toward money. That's exactly what happened to John from Alabama. "I received a text from someone in California inviting me to a BBQ. We've been texting, and now she wants me to trade gold through WEEX. Is this safe or a scam? I'm 74, she's 36." - John, Huntsville, Alabama John's story may sound like a one-off, but it's part of a growing trend where scammers use personal charm to build trust and then push victims into risky online "investments." SCAMMERS NOW IMPERSONATE COWORKERS, STEAL EMAIL THREADS IN CONVINCING PHISHING ATTACKS Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com newsletter WEEX is a cryptocurrency exchange that allows users to trade digital assets, including gold-backed tokens like Tether Gold (XAUT). These aren't physical gold bars or coins; they're digital tokens tied to the price of gold and stored on blockchain networks. While WEEX operates as a legitimate platform, scammers often exploit the name of real exchanges to sound credible. They'll encourage victims to "trade gold" through what seems like an official account but actually directs them to fake sites or wallets designed to steal money. John's experience shows several red flags. The conversation began with a friendly invitation, then quickly shifted to a financial pitch. That's a classic move in online relationship scams. The younger person builds an emotional connection, then uses that trust to promote an "opportunity." Scammers often promise guaranteed profits or claim they'll "help you trade" to make the process sound easy. But the truth is, once you send money or crypto, it's nearly impossible to get it back. Even if WEEX itself is legitimate, the person encouraging you to use it may not be. Many scammers use stolen photos, AI-generated profiles or fake identities to build credibility. Once they convince you to send funds, they vanish, often taking your money and personal information with them. You can spot trouble early by asking simple questions. If someone can't explain how the investment works or avoid details about how to withdraw your money, that's a warning sign. Be cautious if they promise fast profits or "zero-risk" returns. Real investments always involve risk. Watch out for anyone who pressures you to act quickly or says the deal is "private." Those urgency tactics are designed to keep you from thinking clearly. Also, look up the company behind the platform. If it's based overseas, lacks clear business registration or hides its address, your funds may have no legal protection. WHATSAPP BANS 6.8M SCAM ACCOUNTS, LAUNCHES SAFETY TOOL If you've received a text like John's, pause before replying or transferring anything. These scams move fast, but you can stop them in their tracks by following a few smart steps. Never send money, crypto or gift cards to anyone you've only met by text. Ask for written proof explaining how the investment works and how withdrawals happen. If the person avoids details or insists you "act now," that's a serious warning sign. Scammers thrive on vague promises. Ask specific questions about how profits are made, how you'll access your funds and who regulates the platform. If the answers are unclear or the topic changes, walk away immediately. Before you invest a cent, search online for phrases like "WEEX scam" or "WEEX complaints." See what other users have experienced and whether any regulatory agencies have flagged the platform. Real investors leave detailed feedback; scammers usually don't. Protect your privacy beyond just this scam. Data removal services can erase your personal details from data broker sites that sell your info to marketers and sometimes scammers. The fewer places your data lives online, the harder it is for fraudsters to find and target you again. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.Get a free scan to find out if your personal information is already out on the web: CyberGuy.com Scammers sometimes send fake links or attachments that can infect your phone or computer. Install and regularly run a strong antivirus software. These tools can block dangerous websites, alert you to phishing attempts and keep your personal data secure. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com Before investing in anything, share the details with a trusted friend, family member or financial advisor. A second opinion can help you spot inconsistencies or risks you might overlook in the moment. When in doubt, slow down and ask for help. If you believe you've been targeted by a WEEX gold scam or any similar text-based investment scheme, take action right away. Start by reporting the scam to the Federal Trade Commission (FTC) at reportfraud.ftc.gov. This helps investigators track new fraud patterns and warn others. Next, file a complaint with your state attorney general's office and, if crypto is involved, submit a report through the U.S. Securities and Exchange Commission (SEC) or the Commodity Futures Trading Commission (CFTC). If you sent money through a bank or payment app, contact your financial institution immediately to try to stop or reverse the transfer. By reporting what happened, you not only protect yourself but also help stop scammers from reaching other potential victims. These scams prey on emotion. A kind message or casual chat can quickly turn into manipulation. Scammers use friendliness, flattery and false urgency to pull you in, then drain your accounts. Older adults are particularly vulnerable, especially when the scam feels personal. By blending romance with financial advice, these criminals make their victims believe they're building both trust and wealth. Protect yourself by treating every unexpected text with caution. If the conversation moves toward money, crypto, or gold trading, that's your cue to stop responding. Keep your devices secure and your private data off public sites where scammers look for new targets. Have you ever received a text that seemed friendly at first but felt "off" as the chat went on? Let us know by writing to us at CyberGuy.com. Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com/Newsletter Copyright 2025 CyberGuy.com.  All rights reserved.

恶意利用与网络犯罪

链接: https://www.science.org/content/article/journals-and-publishers-crack-down-research-open-health-data-sets

作者: Cathleen O’Grady

日期: 2025-10-08

主题: 学术出版商打击利用开放数据和AI生成虚假研究论文

PLOS、Frontiers等主要学术出版商和期刊正在收紧对基于开放健康数据集的研究论文的审查政策，以应对“可疑研究”和“无意义科学论文”的激增。这些论文被怀疑由“论文工厂”利用“人工智能”生成，并通过出售署名权牟利。新政策包括自动拒稿、要求外部验证或填写详细清单，旨在打击学术造假并恢复出版诚信。此举已显著提高了此类论文的拒稿率，但也有研究人员担心可能阻碍合法研究。

它明确提到了“人工智能”在学术造假中的“恶意利用”。正文中指出，“研究人员推测，论文工厂公司会生产大量此类论文——可能由人工智能撰写——并向研究人员出售署名权。”这直接关联到高价值标准中的“恶意利用与网络犯罪”维度，即利用AI实施“自动化攻击”或开发传播“恶意工具”（在此指生成虚假论文的工具），以及“社会影响与伦理风险”维度，因为它涉及AI引发的学术诚信危机和潜在的“信任危机”。出版商采取的“自动拒稿”、“外部验证”等措施，也属于应对AI恶意利用的“重大监管与合规动态”范畴。

Two major publishers have begun to automatically reject the vast majority of papers based on public health data sets, following revelations that unscrupulous actors use these data sets to churn out nonsense scientific papers.

Last month, PLOS and Frontiers both announced submissions that use data sets such as the U.S. Centers for Disease Control and Prevention–run National Health and Nutrition Examination Survey (NHANES), which collects diet and health data on more than 130,000 people, will not even be considered, unless the researchers do additional work to confirm their findings. Individual journals are imposing similar restrictions.

The new policies should help weed out fraudulent papers, at least in the short term, says Matt Spick, a statistician at the University of Surrey who brought the problems to light. But some researchers worry the rule could create unnecessary barriers for genuine research that can benefit public health. “It’s good to have some guardrails,” says Thu Nguyen, an epidemiologist at the University of Maryland. But “don’t just throw the whole thing away and say it’s all garbage.”

Large public health data sets tend to contain a huge number of variables, making them fertile ground for studies that probe how various factors affect health. But their richness also allows unscrupulous actors to carve up the data in countless ways, seeking chance correlations that look like reliable statistical signals but are, in reality, just noise.

Emily Chenette, editor-in-chief of PLOS ONE, says PLOS journals have seen skyrocketing submissions of papers that find a statistical link between a health condition (such as depression) and a possible cause (such as vitamin D levels) in a specific group of people, such as women under age 35. Researchers have speculated that paper mill companies produce large volumes of papers like these—possibly written by artificial intelligence—and sell authorship slots to researchers.

Last month, the publisher announced it had “updated the standards against which we evaluate research using publicly available health and social science databases.” Chenette says editors at PLOS journals will automatically reject papers based on these data sets unless the researchers have done extra legwork, such as experiments, to show their findings are robust. In the first month of the new policy, the rejection rate for such papers has increased from 40% to 94%, Chenette says.

Frontiers has announced a similar change, requiring editors to automatically reject papers that use public health data sets without some kind of “external validation.” For instance, authors could use NHANES data alongside private data from their own institution, or run experiments to confirm their findings, says Elena Vicario, head of research integrity at Frontiers. Since the new policy was instituted in May, Vicario says, more than 5000 papers using open data sets have been rejected, including nearly all submissions using NHANES data.

Spick, whose work has found that Frontiers journals have published a significant chunk of problematic research, applauds the move. “They had let it get completely out of control,” he says, “and now they have to take extra steps to restore credibility.”

Some individual journals have also instituted defenses against the flood of junk papers. The Journal of Global Health announced in July that researchers using open data sets—including the Global Burden of Disease study and publicly available data from the UK Biobank, as well as NHANES—would now need to fill in an extensive checklist explaining what research had been conducted on their question before, and how their study contributes something new. Submissions of papers using open data sets have halved since then, says Igor Rudan, a global health researcher at the University of Edinburgh and editor-in-chief of the journal.

In an even more extreme move, the journal Expert Opinion on Drug Policy will no longer publish any studies using the U.S. Food and Drug Administration Adverse Event Reporting System, an open data set tracking reports of medication side effects. The only exception to the journal’s policy, which Retraction Watch reported last month, is research that has been invited by the journal’s editors.

Scientific Reports has taken a different approach, relying on an internal policy that Spick, an associate editor at the journal, shared with Science. The policy alerts editors to the problems with NHANES and gives guidance on rejection. The journal’s publishing director, Richard White, says Springer Nature has rejected thousands of NHANES papers across its journals, including at Scientific Reports. But the publisher considers training and guidance for editors to be more appropriate than a single blanket policy, White says.

Rumi Chunara, a biostatistician at New York University whose work sometimes uses public data, says the policies are reasonable and should result in better quality science. Checklists like the one introduced by the Journal of Global Health take a lot of time but “make for good-quality work,” she says.

Spick suggests the organizations that create and maintain these data sets could address the problem by requiring researchers to submit their study design and rationale for review before gaining access to the data. But Chunara worries restricting access would make it harder for scientists working at institutions with few resources, such as those in the Global South, to conduct research. NHANES is a taxpayer-funded resource, she adds, so should be publicly available.

Although the requirement for external validation may initially be effective, paper mills could easily sidestep it by looking for a spurious finding in two different data sets, Spick says. He thinks some organizations may already be employing this tactic, driving the rapid growth in papers that supplement findings from public health data with additional spurious correlations using public genetic databases. Ultimately, no blanket policy will work properly if editors are asleep at the wheel, he says: “If editors are phoning it in, paper mill products will get through.”

恶意利用与网络犯罪

链接: https://www.reuters.com/sustainability/boards-policy-regulation/german-authorities-nix-1400-websites-used-cybertrading-fraud-2025-10-13/

作者: Reuters

日期: 2025-10-13

主题: AI在网络欺诈中的恶意应用及国际执法打击

德国当局与欧盟刑警组织等合作，在“赫拉克勒斯行动”中关闭了东欧1400多个用于网络交易欺诈的非法网站。这些欺诈者利用人工智能生成非法网站，诱骗投资者投入巨额资金。此次行动是继此前关闭800个非法域名后的又一次重大打击。

该新闻具有高价值。正文明确指出，欺诈者“利用人工智能生成非法网站，并用它们引诱投资者上钩”，这直接符合高价值标准中的“恶意利用与网络犯罪”维度（利用AI实施“诈骗”）。同时，德国当局与国际机构合作“关闭”这些非法域名，也符合“重大监管与合规动态”中的“调查”和“处罚”标准。

BERLIN, Oct 13 (Reuters) - German investigators and banking watchdog BaFin have shut down over 1,400 illegal domains in Eastern Europe that were involved in cybertrading fraud, officials said in a joint statement on Monday. Dubbed Operation Heracles, the probe was conducted by Baden Wuerttemberg state criminal police and BaFin, Europol and Bulgarian authorities in an effort to crack down on those facilitating the use of fraudulent trading accounts. Sign up here. Users of the websites were directed to brokers operating from call centres abroad who would encourage them to invest large sums. For many it took months to notice that their money was not being invested, the authorities said. "The perpetrators are becoming increasingly professional," said Birgit Rodolphe of BaFin. "They use artificial intelligence to churn out illegal websites and use them to lure investors into traps." This operation follows a previous shutdown of 800 illegal domains in June of this year. There have since been 20 million attempts to access them. "The measures significantly weakened the criminal actors by specifically disabling their technical infrastructure," the authorities said. Reporting by Alexander Huebner and Natascha Koch, Editing by Friederike Heine Our Standards: The Thomson Reuters Trust Principles.

恶意利用与网络犯罪

链接: https://www.whitehouse.gov/briefings-statements/2025/10/presidential-message-on-national-youth-substance-abuse-prevention-month/

类别: Briefings & Statements

日期: 2025-10-10

主题: 反家暴政策；AI技术（深度伪造）的恶意利用与数字安全。

总统在“全国反家暴月”讲话中，强调打击家庭暴力，承诺通过恢复法治、遣返危险移民等措施保护家庭。特别提到签署《TAKE IT DOWN法案》，旨在加强对儿童和家庭的保护，防范施虐者利用数字剥削和深度伪造技术在线攻击受害者。

该新闻具有高价值。正文明确提及“deepfakes”（深度伪造），这是一种由人工智能驱动的技术。新闻指出该技术“far too often used by abusers to target their victims online”（被施虐者频繁用于在线攻击受害者），并导致“digital exploitation”（数字剥削）。这符合OSINT高价值标准中的“恶意利用与网络犯罪”以及“社会影响与伦理风险”维度，因为它涉及AI技术的恶意应用及其对社会和个人造成的危害。

Presidential Message on National Domestic Violence Awareness Month The shameful scourge of domestic violence is a direct assault on our Nation’s most sacred and fundamental institution: the family. For a family to be strong, all its members must feel safe. Domestic violence, which particularly affects women, who so often are the backbone of our families, and their vulnerable children, is particularly corrosive This National Domestic Violence Awareness month, my Administration renews its commitment to ending domestic violence by restoring the rule of law, cleaning up our Nation’s streets, and aggressively arresting and prosecuting every criminal who terrorizes our fellow citizens and their families. From the quiet seclusion of our homes and workplaces to the bustling centers of our cities and towns, every year, the violent plague of domestic violence inflicts searing pain, trauma, and heartbreak upon as many as 10 million precious American lives. As President, I am steadfastly devoted to uplifting survivors of domestic violence and ensuring they know they are never alone, and that help and support are always within reach. For immediate and confidential support, call the National Domestic Violence Hotline at 1-800-799-7233. To further safeguard American communities and protect families from domestic violence, I am securing our southern border, dismantling human trafficking networks, and conducting the largest mass deportation operation in American history. We are removing dangerous illegal immigrants who have brought bloodshed and mayhem onto our streets—many of whom have been charged heinous crimes, including domestic abuse, against citizens of our Nation. I have also supported our law enforcement officers who so often must respond to and work to prevent domestic violence. And I signed into law the TAKE IT DOWN Act—a landmark step that strengthens protections for children and families against digital exploitation and deepfakes, which are far too often used by abusers to target their victims online. This month, we affirm that the American Dream should be within reach for our fathers, mothers, daughters, and sons. Under my leadership, violent criminals are once again being deported and prosecuted to the fullest extent of the law—and we are once again a Nation committed to the sacred principles of law, order, and justice. Together, we will foster safer homes and stronger communities by striving to eliminate domestic violence in all its horrific forms, holding perpetrators accountable, and empowering survivors with unwavering support.

恶意利用与网络犯罪

链接: https://www.businessinsider.com/real-estate-scam-leasing-fraud-landlord-apartment-application-screening-2025-10

类别: Real Estate

作者: James Rodriguez

日期: 2025-10-08

主题: 人工智能助推下的美国房地产租赁欺诈及其对租房市场的影响

美国房地产租赁欺诈案件激增，诈骗者利用伪造文件或窃取身份租房，导致房东蒙受损失。疫情期间租赁流程线上化和人工智能技术（AI）的出现，使得伪造文件更容易，加剧了欺诈的复杂性和数量。这不仅给房东带来经济损失和法律纠纷，也导致房东加强租客筛选，使得诚实租客面临更严格、更不透明的申请流程，甚至可能导致租金上涨。尽管租客权益倡导者认为这是转移对住房负担能力危机的注意力，但行业内普遍认为欺诈问题确实加剧了住房挑战。

它明确提到了“人工智能 (AI)”在欺诈活动中的应用，符合高价值标准中的“恶意利用与网络犯罪”维度。正文指出：“人工智能 (AI) 的出现也使得伪造文件比以往任何时候都更容易，从而逃避检测。” (The advent of AI has also made it easier than ever to churn out fake documents that evade detection.) 这直接表明AI被用于生成虚假文件以进行租赁诈骗，属于利用AI实施诈骗行为，对房地产市场造成负面影响，并间接影响普通租客的权益，符合“恶意利用与网络犯罪”中“诈骗”的定义。

Jared Decker was on his way to lunch when he received the phone call that kicked off a monthslong real estate nightmare. It was the fall of 2023, and the caller was an aggrieved local businessman in Tampa, Florida, who had just discovered thousands of dollars missing from his bank account. The property management firm Decker works for, the caller said, had charged him nearly $10,000 for rent over several months — despite the fact that he had never lived at any of its more than 600 rental homes. Decker and the owners of his company soon discovered the source of the mix-up. A fraudster had rented the home under a false persona, stealing the businessman's bank account information and cribbing other identifying info, including his name, from a different person in Pennsylvania. The scammer had begun living at the property before Decker's company, Coastal Pioneer Realty, took over managing it, so he hadn't gone through their usual screening process, Decker tells me. The ensuing ordeal, including an eviction and court proceedings to sort out the missing money, ended up costing thousands of dollars in legal fees and missed rent payments. The property's owner, a so-called "mom and pop landlord" who owns a handful of rentals, was on the hook for most of it. Landlords and property managers nationwide are sounding the alarm over a surge in leasing application fraud, as scammers fabricate documents or steal entire identities to secure rentals. An executive at Greystar, the country's largest multifamily property management company, tells me that about half of applicants in some pockets of Atlanta are rejected due to "provable" fraud. During an earnings call in 2023, the CEO of Camden Property Trust, another large apartment company, recounted his own brush with identity theft: A scammer, he said, tried to use his identity to lease an apartment owned by a competitor in Charlotte. The prevalence of these tactics is hard to track, especially since most of the hard data on it comes from business groups, leasing-software firms, or apartment operators that have clear incentives to make a fuss about fraud. But chat with any property manager and you'll probably get some version of this rallying cry: Leasing fraud is a greater threat than ever. Boo-hoo, you might think. Poor landlords. But dismissing leasing fraud as a champagne problem ignores the consequences for regular apartment hunters. As landlords beef up their crook-catching methods, they may also increase their reliance on imperfect tenant-screening software. Honest renters could face a tougher, more opaque application process as a result — and maybe even rent hikes. Even after they move in, tenants could wind up living down the hall from someone who isn't who they claim to be. In other words, the panic over scammers is about to make renting more of a headache for everyone. These tactics generally fall into two main buckets. There's "first-party fraud," in which prospective tenants apply using their real identity but spin up fake pay stubs, bank statements, or credit reports to score a unit for which they may not have otherwise qualified. Then there's the more nefarious "third-party fraud," which involves either stealing an identity wholesale or cobbling together a fake persona based on stolen information. Once a scammer has the keys, they may simply take up residence like any other renter, pocket some money by illegally subletting the unit to an unwitting tenant, or use the space as a "haven" for drug or sex trafficking, a report from the landlord-software company RealPage warns property managers. We definitely have seen that leasing fraud attempts have grown in both volume and sophistication in recent years.Jamie Teabo, senior managing director at Greystar Conditions have never been more ripe for a sophisticated scammer to flourish. The pandemic forced the industry to move leasing processes online, enabling fraudsters to hide behind screens. The advent of AI has also made it easier than ever to churn out fake documents that evade detection. This is especially perilous for small-time landlords, who own more than a third of rental units around the country and aren't exactly known for their tech-savvy. Tens of thousands of newly built apartment units, many offering at least a month or two of free rent, have hit the market in recent years, leaving scammers with no shortage of targets. A survey of about 70 apartment operators conducted at the end of 2023 by the National Multifamily Housing Council, a trade group, found that 70% had seen an increase in fraudulent applications and payments over the preceding 12 months. A separate study last year by RealPage reported a similar rise — of roughly 400 property managers surveyed across five large metros, 75% reported an increase in fraudulent behavior. The NMHC survey also found that nearly 24% of evictions over the prior three years were tied to fraudulent applications and related failure to pay rent. The eviction process can take months, costing landlords both time and money. "Five to seven years ago, fraud was, I don't want to say nonexistent, but it was less of a factor," says Chase Harrington, the president and COO of the property-management software company Entrata. Back then, he says, leasing offices were mostly on the lookout for applicants fudging their income or credit history to secure a place. "What we've seen progress over time," Harrington tells me, "is now truly bad actors, of like, 'Are they who they say they are?'" Leasing fraud appears to be widespread; property managers I spoke to struggled to identify factors, such as location, type of building, or local tenant laws, that make places more vulnerable to the problem. They frequently cited Atlanta as a hub for this kind of activity, despite its location in a relatively landlord-friendly state with a speedier eviction process and fewer tenant protections. Greystar, which manages more than 960,000 multifamily units in North America and around 44,000 units in the Atlanta metro, says it flags around half of applications in some pockets of the city — most notably the midtown, downtown, and Buckhead areas —as fraudulent. Greystar said it identified 14% to 18.5% of applications as fraudulent in metros like Durham-Chapel Hill, North Carolina; Salt Lake City; Portland; Charleston, South Carolina; and Boston. These numbers don't include applicants who drop out of the process when they encounter hurdles that are likely to ensnare scammers, like an ID check. "We definitely have seen that leasing fraud attempts have grown in both volume and sophistication in recent years," Jamie Teabo, a Greystar executive, tells me. The purported rise in fraud has been a boon for companies that help rental owners identify and root out bad actors. One of these is Snappt, an identity- and income-verification software firm that raised a $100 million Series A funding round in 2022 and now conducts checks for landlords who own more than 2.2 million apartments across all 50 states. "Business has been kind of a rocket ship," Kyle Nelson, the company's vice president of corporate strategy, tells me. Although Nelson says instances of fraud are trending higher than last year, Snappt's tallies of fake application documents were significantly lower than the figures cited by Greystar. Snappt reviewed about 770,000 multifamily applications in the first half of this year and found an average fraud rate of 6.5%, with the highest volumes in Houston, Atlanta, and Los Angeles, all in the high single digits. Of the roughly 2.9 million documents the company analyzed, about 25,000 were deemed to be the result of so-called "template farms," operations that mass-produce fake documents and enable applicants to "misrepresent their income, employment, or identity." Another 21,540 were flagged as the work of "advanced fraud rings" that tamper with the underlying code of documents to evade manual detection. It'd be one thing if this were merely a headache for landlords and management companies. But the people I spoke with in the rental industry argue that the rise of scammers is bad for existing tenants and potential renters, too. Apartments tied up in eviction proceedings are temporarily held off the market and out of reach of honest renters. Stricter screening methods mean regular applicants face more barriers to finding a place to live. Apartment operators already pass along a bevy of fees to renters — if fraud really does take a chunk out of their bottom line, odds are they won't eat that bill, either. One obvious answer would be higher application fees to offset the cost of applicant screening. Jay Parsons, a rental housing economist and consultant, describes fraud as the "big thing no one outside the industry wants to talk about." With renters in the grips of an affordability crisis, there's not much appetite for landlord hand-wringing. But brushing off the rise in fraud, he says, won't help anyone. "There are real challenges out there. I don't want to downplay that," Parsons tells me. "At the same time, we do see things like fraud that are actually exacerbating those challenges in the form of taking units offline that otherwise could be available." Screening has become just more and more opaque, and it's often locking people out of the application process altogether, making it really difficult to access housingMarie Claire Tran-Leung, senior staff attorney at the National Housing Law Project I couldn't find any data that explicitly tied fraud to rent hikes — fraud is an already murky practice and just one cost that goes into a landlord's decision-making. But when apartment operators miss out on months of rent or spend money to flush out fraudsters, "a lot of times they have to make up that money somewhere," Caitlin Sugrue Walter, head of research and innovation at the NMHC, tells me. A 2022 survey by the Urban Institute backs this up: The nonprofit think tank found that landlords who missed rental income in the early days of the pandemic were more likely to raise rents and planned to jack up prices by a larger percentage, "indicating they are looking to recover some financial losses." Property managers may also tighten the screws on screening, the process of crawling through background checks, employment information, and credit histories to pick the tenants most likely to pay their rent on time and without issue. For renters, this screening is often a "black box," Marie Claire Tran-Leung, a senior staff attorney at the National Housing Law Project, tells me — they may have no idea what their application fee is being used for, or which criteria might put them out of contention. A 2022 report from the Consumer Financial Protection Bureau identified error-riddled background checks and algorithmically derived "risk scores" that effectively reduced applications to a thumbs-up or thumbs-down. "Screening has become just more and more opaque, and it's often locking people out of the application process altogether, making it really difficult to access housing," Tran-Leung says. "The application fees are of significant concern because people are having to pay a lot of money, in some cases, without a realistic chance of accessing that housing." A spokesperson for Snappt tells me in an email that its technology is built to "reduce bias, not reinforce it," and that the company doesn't decide who gets approved or denied for a place. The spokesperson also says that Snappt gives applicants flexibility in how they verify their information — through secure document uploads, for example, or linking directly to bank accounts or payroll providers. "Traditional manual reviews and subjective decision-making can introduce human bias — sometimes unintentionally," the spokesperson says. "By contrast, Snappt's Applicant Trust Platform applies a consistent, evidence-based process to identify document tampering and verify income and identity data, without regard to race, gender, or background." Tran-Leung says the concern over leasing fraud is a distraction from the affordability crisis, a way for landlords to pass the buck on the rising cost of housing. Rents have increased by more than 25% since 2020, according to Zillow data, despite some recent easing due to a surge in new rental supply. Moody's Analytics recently found that more than half of American renter households are considered "rent-burdened," meaning they spend over 30% of their income on shelter. That's the tricky part of all this. Tenant advocates largely view landlords' claims of rising fraud as overblown, a sideshow to the main issue of affordability. Housing operators say that the very real rise in fraud only exacerbates that problem. As technological advancements make distorting reality as simple as tooling around with a chatbot, I don't think we're close to seeing the last of these complaints. Jared Decker, the property manager in Florida, certainly hasn't. He says his office is dealing with another instance of fraud that summons memories of that quagmire back in 2023. These kinds of instances are exceedingly rare, he tells me — usually the application process raises flags before a fraudster moves in. But as landlords and property managers guard against these nightmare scenarios, vying for an apartment has gotten more difficult for everyone else. "It has become much more of a process, much longer, much more drawn out," Decker tells me. "Many more requirements for the honest person because of all these fraudsters and scammers." James Rodriguez is a correspondent on Business Insider's Discourse team. Business Insider's Discourse stories provide perspectives on the day's most pressing issues, informed by analysis, reporting, and expertise.

恶意利用与网络犯罪

链接: https://www.upi.com/Top_News/US/2025/12/01/Megan-Thee-Stallion-wins-defamation-lawsuit/2521764629953/

类别: U.S. News

作者: Sheri Walsh

日期: 2025-12-01

主题: 名人诽谤诉讼与深度伪造视频的法律后果

歌手Megan Thee Stallion赢得了针对博主Milagro Gramz的诽谤诉讼。该博主被指控散布虚假信息，包括推广未经Megan同意的“深度伪造色情视频”，并与枪击Megan的Tory Lanez协调。陪审团裁定Megan获得75,000美元赔偿金（后被法官降至59,000美元）及律师费。

该新闻具有高价值。新闻中明确提及博主被裁定推广了未经Megan Thee Stallion同意的“深度伪造色情视频”。“深度伪造”技术是人工智能的恶意应用，直接触及了高价值标准中的“恶意利用与网络犯罪”以及“社会影响与伦理风险”。具体而言，它涉及利用AI技术制造“虚假信息”进行“诽谤”，并导致“隐私泄露”和对受害者的“情感困扰”。

Dec. 1 (UPI) -- Megan Thee Stallion won her defamation lawsuit Monday in Miami against blogger Milagro Gramz, who she said was a "paid surrogate" and spread "hateful rumors" on behalf of the man who shot her five years ago. The federal jury of five men and four women awarded the Grammy-winning rapper $75,000 in damages -- far less than the six figures sought -- in addition to legal fees, per Florida law. U.S. District Court Judge Cecilia Altonaga dropped the damages down to $59,000. The jurors found Gramz, whose real name is Milagro Cooper, defamed Megan by promoting a "deepfake pornographic video" featuring the "Lover Girl" rapper without her consent. The jury also found Cooper inflicted emotional distress by coordinating with Tory Lanez, who was convicted and sentenced to 10 years in prison for shooting Megan on July 15, 2020, during a heated argument in Los Angeles. "I'm not ecstatic," Cooper said Monday after the jury's decision. "Of course you want things to go your way but like I said I respect the jury and what they decided." Megan told reporters as she left the courthouse, "I'm just happy."

恶意利用与网络犯罪

链接: https://www.euipo.europa.eu/news/europol-and-euipo-reveal-updated-situation-report-on-misleading-invoices

日期: 2025-05-16

主题: 知识产权欺诈；人工智能在网络犯罪中的应用；误导性支付请求

欧罗巴刑警组织和欧盟知识产权局发布了关于误导性发票的最新情况报告，揭示了诈骗者如何利用知识产权权利人及申请人的公开数据，通过冒充官方机构、电子邮件欺骗和网络钓鱼等手段进行欺诈。报告指出，诈骗活动显著增加，平均每次诈骗金额为1500欧元，年利润超过2600万欧元。特别值得关注的是，数字化和人工智能（AI）工具已被诈骗者用于增强其犯罪活动。欧盟知识产权局正与各方合作打击此类欺诈，并提醒权利人警惕此类支付请求。

该新闻具有高价值。正文明确指出“数字化和人工智能（AI）工具使得诈骗者更容易利用技术并支持其犯罪活动”，这直接符合高价值标准中“恶意利用与网络犯罪”的定义，即“涉及利用AI实施‘自动化攻击’、‘诈骗’、‘钓鱼’、‘勒索’，或开发传播‘恶意工具’”。新闻揭示了AI技术被用于大规模金融欺诈，涉及每年超过2600万欧元的非法利润，对经济安全和社会稳定构成威胁。

Europol and EUIPO reveal updated situation report on misleading invoices For more than a decade, the European Union Intellectual Property Office (EUIPO) has gathered user reports on how intellectual property (IP) system users have been systematically targeted by scammers who take advantage of public data on IP rightsholders and applicants to commit cross-border crimes. To assess the scope of the issue, Europol recently released the 2024 situation report ‘Misleading payment request fraud targeting intellectual property right owners’, which was funded by the EUIPO. The 2024 report is an update of previous strategic reports and highlights scammers’ evolving tactics and trends. The report shows a significant increase in fraudulent activities targeting IP rightsholders and applicants. Scammers use advanced tactics such as email spoofing and phishing attacks to exploit vulnerable individuals and businesses into paying unnecessary fees for unsolicited or fake services. They often impersonate official IP offices, such as the EUIPO, using fake certificates and imitating logos to appear legitimate. They also use the EUIPO's online database and national IP office registers to identify potential victims. Payment requests sent via email have increased significantly since the beginning of 2023, along with those sent via post which remain the most common method for establishing contact. The updated report estimates that the average fee requested by fraudsters is EUR 1,500, resulting in estimated yearly profits of over EUR 26 million which is used to improve logistics, invest in advanced technologies and expand illegal activities worldwide. Furthermore, the use of digitalisation and artificial intelligence (AI) tools has made it easier for scammers to exploit technology and support their criminal activity. The EUIPO is committed to protecting IP rightsholders and applicants across the EU and bringing those responsible to justice, working closely with Europol, other law enforcement agencies and the Anti-Scam network to combat this type of fraud. As a result of the EUIPO's active involvement in the proceedings, criminal courts in two EU Member States ruled that sending misleading payment requests to users of the IP system constitutes fraud—in Sweden in 2017 and in September 2024 in Germany—setting important legal precedents. To increase common efforts, the EUIPO coordinates the Anti-Scam Network, comprising representatives from national and regional IP offices from EU Member States and EFTA countries, EPO, WIPO, Europol, Eurojust, IP offices of EU candidate countries and several user associations. The EUIPO urges all IP right applicants and owners to be cautious when receiving payment requests and to verify the authenticity of the communication before taking any action. If a payment request includes a bank account that is different from the two EUIPO bank accounts held in Spain (Caixa Bank ES03 2100 2353 0107 0000 0888 and Santander ES08 0049 6659 0121 1622 4792), it does not originate from the EUIPO. For information on legitimate payment methods and to report any suspicious activity to the relevant authorities and to the EUIPO, check this dedicated page on the EUIPO website.

恶意利用与网络犯罪

链接: https://www.foxnews.com/tech/how-spot-stop-ai-phishing-scams

类别: tech

作者: Kurt Knutsson, CyberGuy Report

日期: 2025-10-14

主题: AI驱动的网络钓鱼诈骗及其防范

新闻指出，人工智能正被黑客用于创建更智能、更难识别的网络钓鱼诈骗，包括利用AI生成逼真的电子邮件、语音克隆（vishing）和深度伪造视频。文章揭示了这些AI驱动诈骗的识别特征，例如可疑发件人地址、非自然语言、机器人般的声音以及深度伪造视频中的视觉异常，并提供了防范措施，如不信任意外请求、使用数据清除服务、安装杀毒软件、启用双因素认证和验证信息。

它直接涉及“恶意利用与网络犯罪”这一高价值标准。正文明确指出“黑客正在利用AI使网络钓鱼诈骗更智能、更难发现”，并详细描述了AI在“网络钓鱼电子邮件”、“语音钓鱼（vishing）”和“深度伪造视频”中的应用，这些都属于利用AI实施“诈骗”和“钓鱼”的行为。文章还提及了具体的受害者损失，例如“一名女性因AI诈骗损失了85万美元”，以及“一位父亲因语音钓鱼损失了40亿美元的比特币”，这些都印证了AI恶意利用造成的重大“财产损失”。

Artificial intelligence can do a lot for us. Need to draft an email? AI has you covered. Looking for a better job? AI can help with that, too. It can even boost our health and fitness. Some tools, like AI-powered exoskeletons, can lighten heavy loads and improve performance. But it's not all sunshine and progress. Hackers are also turning to AI, and they're using it to make phishing scams smarter and harder to spot. These scams are designed to trick people into handing over personal details or money. One woman recently lost $850,000 after a scammer, posing as Brad Pitt with the help of AI, convinced her to send money. Scary, right? The good news is that you can learn to recognize the warning signs. Before we dive into how to protect yourself, let's break down what AI phishing scams really are. HOW AI BROWSERS OPEN THE DOOR TO NEW SCAMS Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com newsletter. AI phishing scams are when hackers use AI to make their scams more convincing. AI helps them create super-realistic emails, messages, voices and even videos. This makes it harder for people to tell what’s real and what’s fake. Old-school phishing emails were easy to spot because of typos and bad grammar. However, thanks to AI tools like ChatGPT, hackers can now create flawless, professional-sounding emails that are much harder to detect. AI-generated phishing emails aren’t the only threat. Hackers are also using AI to pull off scams like: Here’s how you can spot these AI-driven scams before they fool you. Though hackers can use AI tools to write grammatically perfect email copy, AI phishing emails still have some classical red flags. Here are some telltale signs that it is an AI-driven phishing email: The biggest red flag is the sender’s email address. There is often a slight change in the spelling of the email address, or it is an entirely different domain name. For example, a hacker might use an email like xyz@PayPall.com or a personal address from Gmail.com, such as the email below, or Outlook.com while pretending to be from PayPal. It used to be easier to spot phishing emails by noticing silly typos. Thanks to AI, hackers can now craft flawless emails. But you can still sense a phishing email if you analyze the language of the email body copy carefully. The most prominent sign of AI-generated email copy is that it looks highly formal with a dash of failed attempts to be personal. You might not notice it at first, but looking at it closely is likely to give a red flag. The language of such emails is often robotic. With AI, it is possible to clone voices. So, there is no surprise that there is a steep rise in voice phishing, which is also known as vishing. Recently, a father lost $4 billion in Bitcoin to vishing. Though AI voice cloning has improved, it’s still flawed. You can spot inconsistencies by verifying the speaker's identity. Ask specific questions that only the real person would know. This can reveal gaps in the scammer's script. The voice, also, at times may sound robotic due to imperfections in voice cloning technology. So the next time, whenever you receive a call that creates a sense of urgency, ask as many questions as you can to verify the identity of the person. You may also consider verifying the claims through the second channel. If the person on the other side of the phone says something, you can get it confirmed by the official email to be on the safer side. GOOGLE AI EMAIL SUMMARIES CAN BE HACKED TO HIDE PHISHING ATTACKS Deepfake videos are getting pretty convincing, but they’re not flawless yet. They have visual inconsistencies and oddities, which can make the voice or video appear fake. So watch the video carefully and try to catch the signs of unnatural eye movements, lip-sync issues, weird lighting, shadows and voice inconsistencies. You can also use a deepfake video detection tool to spot a fake video. A shared secret is something only you and your loved ones know. If someone claiming to be a friend or family member contacts you, ask for the shared secret. If they can’t answer, you’ll know it’s a scam. AI phishing scams rely on tricking people into trusting what looks and sounds real. By staying alert and practicing safe habits, you can lower your risk. Here's how to stay ahead of scammers: Never trust unexpected emails, texts or calls that ask for money, personal details or account access. Scammers use urgency to pressure you into acting fast. Slow down and double-check before clicking or responding. If something feels off, it probably is. Protect your devices with a trusted data removal service to reduce the amount of personal info exposed online. Fewer exposed details make it harder for scammers to target you. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.Get a free scan to find out if your personal information is already out on the web: CyberGuy.com. Hackers often hide malicious links behind convincing text. Hover your cursor over a link to see the actual URL before you click. If the address looks odd, misspelled or unrelated to the company, skip it. Clicking blindly can download malware or expose your login details. Also, install strong antivirus software on all of your devices that blocks phishing links and scans for malware. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com. CLICK HERE TO GET THE FOX NEWS APP Even if a scammer steals your password, two-factor authentication (2FA) can keep them locked out. Enable 2FA on your email, banking and social media accounts. Choose app-based codes or a hardware key over text messages for stronger protection. The more personal details you share, the easier it is for hackers to make AI scams believable. Avoid posting sensitive information like travel plans, birthdays or financial updates on social media. Scammers piece these details together to build convincing attacks. If you get a message asking for money or urgent action, confirm it in another way. Call the person directly using a number you know, or reach out through official company channels. Don't rely on the same email, text or call that raised suspicion in the first place. AI is making scams more convincing and harder to detect, but you can stay ahead by recognizing the warning signs. You should watch out for suspicious email addresses, unnatural language, robotic voices and visual glitches in videos, and always verify information through a second channel. You should also establish a shared secret with loved ones to protect yourself from AI-driven voice and video scams. Have you experienced any AI-driven phishing scams yet, and what do you think is the best way to spot such a scam? Let us know by writing to us at CyberGuy.com. Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com newsletter. Copyright 2025 CyberGuy.com.  All rights reserved.

恶意利用与网络犯罪

链接: https://www.foxnews.com/us/wife-charged-attempted-murder-after-allegedly-lacing-husbands-drink-poison-police

类别: us

作者: Julia Bonavita

日期: 2025-10-15

主题: AI工具（ChatGPT）被用于研究犯罪方法；AI恶意利用；谋杀未遂案。

一名北卡罗来纳州女子Cheryl Harris Gates因涉嫌用处方药毒害丈夫的能量饮料，意图使其丧失行为能力，而被控谋杀未遂。警方指控她在案发前曾多次使用ChatGPT搜索“致残”和“致命”的药物组合。

它直接涉及“恶意利用与网络犯罪”这一高价值标准。正文明确指出，“当局指控盖茨在7月8日至9月29日期间进行了多次ChatGPT搜索，以研究可供服用或注射的‘致残’和‘致命’药物组合”。这表明人工智能工具（ChatGPT）被用于协助策划犯罪行为，凸显了AI被滥用于恶意目的的风险，符合“恶意利用”的定义。

A North Carolina woman is reportedly facing an attempted murder charge after police say she drugged her husband’s energy drink in an effort to incapacitate him. Cheryl Harris Gates, 43, was arrested last week after allegedly lacing her husband’s Celsius energy drink with "prescription medications with the intention of causing a blackout condition or incapacitation," according to The New York Post. Gates’ husband reportedly told authorities that on July 12 and Aug. 18, he became incapacitated and discovered a foreign, controlled substance in his drink. The couple lived separately at the time of the incident. CONNECTICUT MOTHER CHARGED WITH ATTEMPTED MURDER AFTER ALLEGEDLY POISONING HUSBAND WITH ANTIFREEZE Authorities allege Gates performed several ChatGPT searches between July 8 and Sept. 29 to research "incapacitating" and "lethal" drug combinations that could either be consumed or injected, The Post reported. Investigators reportedly discovered evidence through online records that Gates allegedly purchased materials and attempted to carry out a plan to poison her husband. Upon searching Gates’ home, authorities also found a capsule filling kit, syringes, medical droppers, medications and scales, according to The Post. COLORADO DENTIST DRUGGED WIFE YEARS BEFORE ALLEGED POISONING MURDER, FRIEND TESTIFIES She is also reportedly accused of placing a tracking device on her husband’s vehicle and breaking his window. At the time of her arrest, Gates was working as a pediatric occupational therapist at Charlotte-Mecklenburg Schools, WBTV reported. The school district did not immediately respond to Fox News Digital’s inquiry regarding her current employment status. TEXAS WOMAN ACCUSED OF PLOTTING EX-HUSBAND'S MURDER WITH FENTANYL-LACED CHOCOLATES UNDER INDICTMENT Gates is charged with attempted murder, stalking, damage to property and contaminating food or drink to render one mentally incapacitated or physically helpless, according to the Charlotte-Mecklenburg Police Department. The Mecklenburg County Sheriff's Department did not immediately respond to Fox News Digital’s request for comment. In a Monday court appearance, Gates was denied bond and is scheduled to appear in front of a judge on Oct. 30, WBTV reported. Fox News Digital was unable to locate an attorney representing Gates.

恶意利用与网络犯罪