Zelle Sued Over Payment Fraud Vulnerabilities

New York Sues Zelle Over Fraud Concerns

New York State has taken legal action against the peer-to-peer payment app Zelle, accusing the company behind it of enabling widespread fraud. The lawsuit, filed by New York Attorney General Letitia James' office, targets Early Warning Services, LLC (EWS), which operates Zelle. According to the AG's office, EWS knew that fraud was rampant on the platform but failed to implement necessary safeguards.

Zelle, launched in 2017, was designed as a bank-owned alternative to popular P2P platforms like Venmo and PayPal. However, the AG’s office claims that the platform was inherently flawed from the start. It lacked critical safety features that would have prevented scammers from easily targeting users. This led to over $1 billion in losses, with victims often left without recourse due to the app's rapid transaction process.

The lawsuit highlights that EWS did not require participating banks to report scams and rarely removed fraudulent accounts in a timely manner. Even when safeguards were developed, they were not consistently adopted. The case comes after previous concerns raised by elected officials and an investigation during the Biden administration, which was later closed.

Phishing Scam Targeting Malwarebytes

Malwarebytes, an antivirus software vendor, recently encountered a phishing scam that appeared to be from Netflix. The email claimed to seek a "visionary marketing leader" for a VP position, but clicking on the link led to a phishing domain. The fake website mimicked the real Netflix site and attempted to steal Facebook credentials.

This scam underscores the importance of endpoint protection and vigilance when encountering suspicious links. Users are advised to carefully check URLs for any signs of phishing, such as missing letters or unusual characters.

Canadian Parliament Breach

CBC News reported that an unknown malicious actor breached the Canadian House of Commons. While details of the attack remain limited, Canada's Communications Security Establishment (CSE) confirmed the incident and is investigating. Stolen data included employee names, job titles, office locations, email addresses, and information about their government-managed hardware.

The CSE has warned that China, Iran, and Russia are increasingly targeting Canadian systems. China seeks intellectual property, Iran focuses on espionage, and Russia targets Canada due to its NATO membership and support for Ukraine.

Fake Crypto Lawyers Scam

The FBI has issued a warning about scammers posing as lawyers who offer to recover funds stolen in cryptocurrency scams. These fake lawyers exploit vulnerable populations, particularly the elderly, by creating a false sense of security through association with government entities.

Red flags include the lack of credentials, requests for payments to third parties, and demands for payment in cryptocurrency or gift cards. Victims are urged to be cautious and verify the legitimacy of any legal representatives before sharing personal or financial information.

Kryptos Sculpture Auction

The Kryptos sculpture, created by US artist Jim Sanborn at CIA headquarters in 1990, contains an encrypted message that has remained unsolved for nearly 30 years. In November, the 30th anniversary of its installation, the secret could be revealed.

Original drafts, proof-of-concept prototypes, and coding charts used to encrypt the message will be auctioned by RR Auctions, expected to fetch between $300,000 and $500,000. While three of the four panels have been deciphered, a fifth riddle may still be hidden within the code.

The winning bidder will acquire the complete solution to Kryptos, though there is no obligation to reveal the sculpture’s secrets. The copper sculpture will remain at Langley, but its greatest secret will pass to a new guardian.