Cybersecurity Threat & Scam Analysis: April 15-21, 2025
I. Executive Summary
April 15-21, 2025, presented a dynamic cybersecurity landscape characterized by the continued dominance and increasing financial impact of text message-based scams (smishing), sophisticated phishing campaigns leveraging social engineering and potentially AI, and critical vulnerability disclosures requiring urgent attention from organizations. Data released by the Federal Trade Commission (FTC) this week highlighted the staggering $470 million lost to text scams in 2024, underscoring this attack vector's effectiveness and high priority for criminals (Federal Trade Commission, 2025). Common smishing lures included fake package delivery notifications, bogus job offers, fraudulent bank alerts, and phony unpaid toll notices (Federal Trade Commission, 2025). Phishing and impersonation remained pervasive across email, voice (vishing), and social media, with tax-related scams being particularly relevant given the mid-April timeframe (Internal Revenue Service, 2025), alongside notable incidents like hijacking a UK minister's social media account for cryptocurrency fraud (Agence France-Presse, 2025).
On the technical front, the Cybersecurity and Infrastructure Security Agency (CISA) added several actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including flaws in Apple products, Microsoft Windows NTLM, and SonicWall appliances, mandating swift remediation (Cal Poly, 2025). Oracle also issued critical patches (Center for Internet Security, n.d.). Threat actors, including state-sponsored groups like APT29 and Mustang Panda, demonstrated evolving tactics and toolsets in targeted campaigns (The Hacker News, n.d.). Key recommendations derived from the week's observations emphasize enhanced vigilance against smishing, evolving user training to combat sophisticated phishing and potential deepfakes, rigorous patch management, strengthening foundational security controls like Multi-Factor Authentication (MFA), and fostering a robust security culture where cybersecurity is a shared responsibility.
II. Major Scam Activities Reported (April 15-21, 2025)
The week of April 15-21, 2025, saw continued reports and warnings regarding various scams targeting individuals and businesses. Analysis reveals a strong emphasis on text message scams, persistent phishing and impersonation tactics, and various forms of transaction fraud exploiting trust and urgency.
A. The Ascendancy of Text Message Scams (Smishing)
Text message-based scams, or smishing, emerged as a particularly prominent threat during this period, underscored by a significant data release from the FTC.
- **FTC Data Spotlight (Published April 16, 2025):** The FTC released data revealing that consumers reported losing $470 million to scams originating from text messages in 2024 (Federal Trade Commission, 2025). This figure represents a dramatic fivefold increase compared to losses reported in 2020, even though the absolute number of reports declined. The publication of this data during the target week highlights the perceived urgency and high current relevance of smishing as a major fraud vector. The substantial financial losses, combined with reports citing a 250% increase in smishing (Reddit, 2025) and extremely high message open rates (potentially up to 98%) (Consumer Advice, 2025), suggest that smishing provides a highly effective attack vector for criminals. Its immediacy and the personal nature of SMS communication may bypass filters and lower recipient suspicion more effectively than email.
- **Top 5 Reported Text Scams (Context from 2024 data, relevant to April 2025):** The FTC spotlight detailed the most common types of text scams reported in 2024, providing context for ongoing threats (Federal Trade Commission, 2025):
  - **Fake Package Delivery:** This was the most frequently reported text scam. Fraudsters impersonate delivery services like the U.S. Postal Service or others, sending alerts about a non-existent issue with an incoming package. Victims are tricked into clicking a link and paying a small "redelivery fee," a pretext to steal credit card details or even Social Security numbers (Federal Trade Commission, 2025). This tactic capitalizes on the prevalence of e-commerce.
  - **Phony Job Opportunities ("Task Scams"):** Scammers send texts offering vague online work opportunities. These often involve "task scams," where victims complete simple online tasks (like rating products) and are then required to invest their own money, ostensibly to withdraw larger earnings, which they never receive. These scams prey on individuals seeking employment or supplemental income (Federal Trade Commission, 2025).
  - **Fake Fraud Alerts:** Texts are sent mimicking banks or major companies (like Amazon), warning the recipient about a suspicious purchase or a problem with their account. If the victim responds or calls a provided number, they are connected to a fake fraud department and pressured into transferring money to a "secure" account controlled by the scammer (Federal Trade Commission, 2025). This abuses the trust consumers place in financial institutions and large retailers. The FTC itself has warned about scammers telling victims to move money to "protect" it (Consumer Advice, 2024).
  - **Bogus Unpaid Tolls:** These text messages resemble official notifications from electronic toll collection programs (like E-ZPass). They claim the recipient has an unpaid toll balance and provide a link to resolve it. Clicking the link leads to a fake payment site designed to steal credit card and potentially Social Security numbers (Federal Trade Commission, 2025). Active smishing campaigns impersonating E-ZPass and other US toll systems were reported during this timeframe, confirming the ongoing use of this lure (The Hacker News, n.d.).
  - **"Wrong Number" Scams:** These begin with a seemingly accidental text message. If the recipient replies, the scammer initiates a conversation, often building a fake friendship or romantic connection over time. Eventually, the scammer pivots to promoting a fraudulent investment scheme or requesting money, leading to significant financial losses (Federal Trade Commission, 2025). This method relies heavily on social engineering and can be a long-term deception.
- **Smishing Statistics & Trends:** Smishing is identified as a primary type of mobile phishing attack (Infosecurity Magazine, 2025), with its effectiveness linked to the high open rates of text messages (Consumer Advice, 2025). It is defined as the use of SMS to deceive recipients into divulging information or clicking malicious links, often by mimicking legitimate entities (Imperva, 2025).
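The lure families above can be turned into a first-pass triage rule for reported texts. The following is an added example, not taken from the FTC or any source cited in this report: the keyword lists, score weights, the `tolls.example.gov` allow-list entry and all sample messages are constructed assumptions. It also shows why a link's host must be matched on a label boundary, since lures often embed the real domain as a decoy.

```python
import re
from urllib.parse import urlsplit

# Keyword sets for four FTC lure families (assumed for illustration, tune on real reports).
LURES = {
    "package_delivery": ("package", "parcel", "delivery", "usps"),
    "job_task": ("job", "hiring", "part-time", "remote work", "per day"),
    "fraud_alert": ("fraud", "suspicious", "unusual activity"),
    "unpaid_toll": ("toll", "e-zpass", "ezpass"),
}
# The fifth family has no link or brand: a greeting addressed to the "wrong" person.
WRONG_NUMBER = re.compile(r"^\s*(hi|hey|hello)\b.{0,40}\b(is this|are we still|long time)\b",
                          re.I | re.S)
URGENCY = ("immediately", "within 24 hours", "final notice", "late fee", "on hold", "suspended")
PAYMENT = ("fee", "pay", "card", "balance")
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}
# Matches links with or without a scheme, as SMS lures often omit it.
URL_RE = re.compile(r"(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:/[^\s]*)?", re.I)

# Domains the real sender uses, per family. usps.com is real; the toll entry is a placeholder.
OFFICIAL = {"package_delivery": {"usps.com"}, "unpaid_toll": {"tolls.example.gov"}}


def extract_hosts(text):
    """Return the lower-cased host of every link in the message."""
    hosts = []
    for match in URL_RE.finditer(text):
        raw = match.group(0).rstrip(".,;:!?)")
        if "://" not in raw:
            raw = "http://" + raw
        host = urlsplit(raw).hostname
        if host:
            hosts.append(host.rstrip("."))
    return hosts


def under_domain(host, domain):
    """True only on a label boundary: tools.usps.com yes, usps.com-redelivery.example no."""
    return host == domain or host.endswith("." + domain)


def triage_sms(text, official_domains):
    low = text.lower()
    hits = {fam: sum(k in low for k in kws) for fam, kws in LURES.items()}
    family = max(hits, key=hits.get)
    if hits[family] == 0:
        family = "wrong_number" if WRONG_NUMBER.search(text) else None
    score, reasons = 0, []
    if family == "wrong_number":
        score += 2
        reasons.append("unsolicited greeting to a named stranger")
    elif family:
        score += 1
        reasons.append(f"lure family: {family}")
    allowed = official_domains.get(family, set())
    hosts = extract_hosts(text)
    for host in hosts:
        if host in SHORTENERS:
            score += 2
            reasons.append(f"shortened link hides destination: {host}")
        elif family and not any(under_domain(host, d) for d in allowed):
            score += 3
            reasons.append(f"link host is not an official domain: {host}")
            if any(d in host for d in allowed):
                score += 1
                reasons.append("official domain embedded in host as a decoy")
    if any(u in low for u in URGENCY):
        score += 1
        reasons.append("urgency language")
    if any(p in low for p in PAYMENT):
        score += 1
        reasons.append("payment request")
    verdict = "block" if score >= 4 else "review" if score >= 2 else "allow"
    return {"family": family, "hosts": hosts, "score": score,
            "verdict": verdict, "reasons": reasons}


# Constructed sample messages (not real scam texts or real scam domains).
FAKE_PACKAGE = ("USPS: your package could not be delivered. Pay the $1.99 redelivery fee "
                "within 24 hours at https://usps.com-redelivery.example/track")
REAL_PACKAGE = ("USPS: your package is out for delivery. "
                "Track it at https://tools.usps.com/go/TrackConfirmAction")
FAKE_TOLL = ("E-ZPass final notice: you have an unpaid toll balance of $6.99. "
             "Pay now to avoid a late fee: ezpass-settle.example/pay")
WRONG_NUM = "Hey, is this Anna? We met at the gallery opening last month."

if __name__ == "__main__":
    for sms in (FAKE_PACKAGE, REAL_PACKAGE, FAKE_TOLL, WRONG_NUM):
        print(triage_sms(sms, OFFICIAL))
```

A plain substring test would accept `usps.com-redelivery.example` because it contains `usps.com`; the boundary check in `under_domain` is what rejects it.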
B. Phishing, Vishing, and Impersonation Tactics
Beyond smishing, traditional phishing via email, voice-based vishing, and various impersonation tactics remained central to the threat landscape.
- **IRS "Dirty Dozen" Relevance:** Although the IRS releases its "Dirty Dozen" list of tax scams earlier in the year, the warnings remain highly pertinent in mid-April as tax season activities conclude. The list consistently flags email phishing (using lures like fake refunds or threats of legal action) and smishing (using alarming language like "account on hold" with bogus links) (Internal Revenue Service, 2025). It also specifically warns tax professionals about spear phishing attempts, often disguised as inquiries from potential new clients, designed to steal preparer credentials and client data (Internal Revenue Service, 2025).
- **Crypto Scam via Social Media Hack:** An incident reported on April 15 involved the verified X (formerly Twitter) account of UK Minister Lucy Powell being compromised. Scammers used the account's credibility and reach (nearly 70,000 followers) to promote a fraudulent cryptocurrency token named "House of Commons" (Agence France-Presse, 2025). This exemplifies the use of high-profile account takeovers for financial scams, leveraging the implicit trust associated with verified accounts.
- **General Phishing Tactics:** Phishing remains cited as the most common type of cyber threat (AAG IT Support, 2025) and the starting point for a vast majority (91% cited) of cyberattacks (Reddit, 2025). It broadly involves using fake emails, websites, or other communications to trick victims into revealing sensitive information (Century CU, 2025). Reports indicate attackers are leveraging Artificial Intelligence (AI) to create more sophisticated and hyper-realistic phishing messages that are harder to detect (Gracker, 2025). Deepfake technology is also being used in phishing scams, for instance, employing an AI-generated video of the YouTube CEO (Info-Tech Research Group, 2025). QR code phishing (quishing), where malicious QR codes lead victims to fake sites, has reportedly seen explosive growth (Reddit, 2025) and is recognized as a mobile threat vector (Infosecurity Magazine, 2025).
- **Vishing (Voice Phishing):** Defined as scams conducted via phone calls (Infosecurity Magazine, 2025), vishing often involves scammers pretending to be from trusted organizations (banks, government agencies) and using urgency or threats to pressure victims into revealing information or making payments (Century CU, 2025). Caller ID spoofing is a common tactic to make the call appear legitimate (Century CU, 2025).
- **Imposter Scams:** The trend of imposter scams, where criminals impersonate trusted individuals, companies, or government agencies, continues to rise, causing significant financial harm (AARP, 2025). Many of the specific scams detailed (IRS, package delivery, bank alerts) fall under this umbrella. The FTC issued a specific alert warning that scammers even impersonate the FTC itself, instructing victims to move their money into supposedly secure accounts, which are actually controlled by the scammers (Consumer Advice, 2024).
The convergence of these tactics across email, SMS, phone, and social media demonstrates that impersonation is a core, adaptable strategy for criminals. Defending against it requires consistent verification of identity and communication authenticity, regardless of the channel used.
C. Transaction and Financial Fraud
Several types of scams directly targeting financial transactions were highlighted during this period.
- **Online Shopping/Purchase Scams:** These scams target bargain hunters with fraudulent deals (Forbes Advisor UK, 2025). Scammers create fake websites mimicking legitimate retailers or use social media and auction sites to advertise non-existent goods (tech, clothing, cars) at attractive prices. Victims receive nothing, a vastly different item, or a counterfeit product (Forbes Advisor UK, 2025). A report from Santander UK indicated losses exceeding £18 million to purchase scams in Q1 2025 alone, showing the scale of this issue (Forbes Advisor UK, 2025).
- **Charity Fraud:** Criminals exploit public generosity, particularly following crises (the Myanmar Earthquake was mentioned as a recent example) (Forbes Advisor UK, 2025). They create fake charity websites or send emails/texts soliciting donations for fraudulent appeals (Forbes Advisor UK, 2025). The IRS also includes fake charities in its "Dirty Dozen" list, noting they seek money and personal information for identity theft (Internal Revenue Service, 2025).
- **Travel Scams:** With summer approaching, warnings surfaced about criminals creating fake online listings for holiday packages, flights, and accommodation, often at unrealistically low prices (Forbes Advisor UK, 2025). These scams can also occur via unsolicited emails or messages offering fake deals. Action Fraud UK reported over £11 million lost to holiday fraud in 2024, with an average loss per victim of £1,844 (Forbes Advisor UK, 2025).
- **Tax-Related Financial Scams:** Beyond phishing for credentials, specific financial scams related to taxes were flagged by the IRS and consumer groups. These include:
  - **Fake Tax Preparers:** Red flags include demanding cash payment upfront, charging a percentage of the refund, guaranteeing a large refund before seeing documents, or refusing to provide a Preparer Tax Identification Number (PTIN) or sign the return (AARP, 2025).
  - **False Credit Claims:** Promoting ineligible claims for credits like the Fuel Tax Credit (meant for off-highway business/farming) or a non-existent "Self-Employment Tax Credit" based on misleading social media advice (Internal Revenue Service, 2025).
  - **Other Filing Fraud:** Schemes involving filing Schedule H for fictional household employees or using falsified W-2/1099 forms to claim inflated refunds based on fake income and withholding (Internal Revenue Service, 2025).
- **Fake Check Scams:** A common tactic involves sending a victim a check (often for more than expected) and instructing them to deposit it and quickly send back a portion or use the funds for a specific purpose (like buying equipment for a fake work-from-home job) (AARP, 2025). The original check is fraudulent and eventually bounces, but often only after the victim has sent their own real money to the scammer (AARP, 2025). A key warning sign is any scenario involving depositing a check and being pressured to act on it immediately (AARP, 2025).
These varied financial scams often rely on manipulating the victim's desire for a good deal, their generosity, or their need for a service, or on creating artificial urgency. Building initial trust before inducing a financial transaction is key. This underscores the need for financial literacy, skepticism towards offers that seem too good to be true, and understanding financial processes like check clearing times.
Summary of Key Scams (April 15-21, 2025)
The following table summarizes the prominent scams analyzed during this period:
Scam Type | Primary Vector(s) | Key Tactics | Likely Target(s) | Source/Reference |
---|---|---|---|---|
Package Delivery Smishing | SMS | Impersonation (USPS, etc.), Urgency, Fee Request | General Public | (Federal Trade Commission, 2025); (CBS News, 2025) |
Fake Job Task Scam | SMS, Online | Fake Offer, Social Engineering, Investment | Job Seekers | (Federal Trade Commission, 2025) |
Bank/Retail Fraud Alert | SMS, Phone (Vishing) | Impersonation (Bank, Amazon), Urgency, Fear | General Public | (Federal Trade Commission, 2025); (Consumer Advice, 2024) |
Unpaid Toll Smishing | SMS | Impersonation (Toll Authority), Urgency, Malicious Link | General Public (Drivers) | (Federal Trade Commission, 2025); (The Hacker News, n.d.) |
"Wrong Number" Romance/Investment | SMS, Messaging Apps | Social Engineering, Relationship Building, Fake Investment | General Public (Potentially Older Adults) | (Federal Trade Commission, 2025) |
IRS Impersonation Phishing/Smishing | Email, SMS, Phone (Vishing) | Impersonation (IRS), Threats, Fake Refund Offer | Taxpayers | (Internal Revenue Service, 2025); (*Phish, Smish*, 2025) |
Tax Pro Spear Phishing | | Impersonation (New Client), Malicious Attachment/Link | Tax Professionals | (Internal Revenue Service, 2025); (*Phish, Smish*, 2025) |
Crypto Scam via Hacked Account | Social Media (X) | Impersonation (Account Owner), Fake Offer | Social Media Followers, Potential Investors | (Agence France-Presse, 2025) |
Online Purchase Scam | Website, Social Media | Fake Website/Listing, Fake Offer (Discount) | Online Shoppers | (Forbes Advisor UK, 2025) |
Fake Charity Fraud | Website, Email, SMS | Impersonation (Charity), Social Engineering | General Public (Donors) | (Forbes Advisor UK, 2025); (Internal Revenue Service, 2025) |
Travel Scam | Website, Email | Fake Listing, Fake Offer (Low Price) | Travelers | (Forbes Advisor UK, 2025) |
Fake Tax Preparer | In-person, Online | Fake Offer (Guaranteed Refund), Fee Request | Taxpayers | (AARP, 2025) |
Fake Check Scam | Mail, Email (linked to other scams) | Social Engineering, Urgency, Overpayment | General Public, Job Seekers, Online Sellers | (AARP, 2025) |
III. Cybersecurity Threat Landscape Update (April 15-21, 2025)
Beyond direct scams targeting end-users, the period saw significant activity in the broader cybersecurity threat landscape, including official advisories on critical vulnerabilities and reports of active threat actor campaigns.
A. Official Advisories and Alerts
Government agencies and security organizations issued several important alerts and updates.
- **CISA KEV Catalog Updates:** CISA added multiple vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, signifying they are being actively exploited in the wild and pose significant risk. Additions between April 15-17 included (Cal Poly, 2025):
  - April 17: CVE-2025-31200 (Apple Multiple Products Memory Corruption Vulnerability), CVE-2025-31201 (Apple Multiple Products Arbitrary Read and Write Vulnerability), and CVE-2025-24054 (Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability). The Microsoft flaw was reported as being under active attack to steal NTLM credentials (The Hacker News, n.d.).
  - April 16: CVE-2021-20035 (SonicWall SMA100 Appliances OS Command Injection Vulnerability).
  - Other vulnerabilities potentially added around this timeframe (based on CISA activity logs) (Cal Poly, 2025) include Linux Kernel flaws (CVE-2024-53197, CVE-2024-53150), a Gladinet CentreStack vulnerability (CVE-2025-30406), and a Microsoft Windows Common Log File System Driver flaw (CVE-2025-29824). Inclusion in the KEV catalog triggers Binding Operational Directive (BOD) 22-01, requiring U.S. federal civilian agencies to remediate these vulnerabilities by specified deadlines, and serves as a strong recommendation for all organizations to prioritize patching (Cal Poly, 2025).
- **CISA ICS Advisories:** CISA released numerous Industrial Control Systems (ICS) advisories during the week (nine on April 15, six on April 17) (Cal Poly, 2025). These advisories provide timely information about security issues, vulnerabilities, and exploits specifically impacting ICS environments, highlighting the ongoing focus on protecting critical infrastructure (Cal Poly, 2025).
- **Oracle Critical Patches:** An advisory was issued around April 15 concerning Oracle's quarterly critical patch update (Center for Internet Security, n.d.). It warned of multiple vulnerabilities across Oracle products, some potentially allowing remote code execution. The Center for Internet Security (CIS) noted that its Cyber Threat Alert Level remained at Blue (Guarded) as of April 16, partly due to these Oracle vulnerabilities (Center for Internet Security, n.d.).
- **CISA/MITRE CVE Program Contract:** Significant community attention focused on the Common Vulnerabilities and Exposures (CVE) Program. MITRE Corporation's contract to manage the CVE and Common Weakness Enumeration (CWE) programs was set to expire on April 16. Following concerns about potential disruption to this critical global vulnerability tracking initiative, CISA announced on April 16 that it had exercised an 11-month option period on the contract, ensuring continuity of services until March 16, 2026 (Infosecurity Magazine, 2025). This averted what could have been a major disruption to the cybersecurity ecosystem.
- **CISA Internal Review & Posture:** Contextually relevant is a Department of Homeland Security Office of Inspector General (OIG) report (published January 2025) which found security deficiencies in access controls and awareness training for a selected High Value Asset (HVA) system within CISA itself, suggesting challenges in implementing effective controls even within lead cybersecurity agencies (Oig.dhs.gov, 2025). Separately, CISA publicly denied reports suggesting a shift in priorities away from Russian cyber threats under the Trump administration, reaffirming its commitment to addressing all threats (Infosecurity Magazine, 2025).
The constant stream of KEV updates and critical patches underscores the necessity of rapid, reactive patching. However, the CISA OIG report serves as a reminder that foundational security controls (like access management, training, monitoring) are equally crucial and can be challenging to maintain consistently. A reliance solely on patching known flaws is insufficient without addressing these underlying potential weaknesses.
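One way to act on KEV additions is to join scanner findings against the catalog and work the queue by remediation deadline. This is an added example, not CISA tooling: the feed is a constructed excerpt that uses the KEV JSON field names with the CVE IDs and added-dates given above, while the asset names and the fallback `SLA_DAYS` policy are assumptions. The real feed's `dueDate` field is used when an entry carries it.

```python
import json
from datetime import date, timedelta

# Constructed excerpt in the layout of CISA's KEV JSON feed. IDs and dateAdded come
# from this report; dueDate is omitted because the report does not state the deadlines.
KEV_FEED = json.loads("""
{"vulnerabilities": [
  {"cveID": "CVE-2025-24054", "vendorProject": "Microsoft", "product": "Windows",
   "dateAdded": "2025-04-17"},
  {"cveID": "CVE-2025-31200", "vendorProject": "Apple", "product": "Multiple Products",
   "dateAdded": "2025-04-17"},
  {"cveID": "CVE-2025-31201", "vendorProject": "Apple", "product": "Multiple Products",
   "dateAdded": "2025-04-17"},
  {"cveID": "CVE-2021-20035", "vendorProject": "SonicWall", "product": "SMA100 Appliances",
   "dateAdded": "2025-04-16"}
]}
""")

# Constructed scanner output; asset names are hypothetical.
FINDINGS = [
    {"asset": "ws-0142", "cve": "CVE-2025-24054", "internet_facing": False},
    # ASUS AiCloud flaw (CVSS 9.2 per this report); absent from the excerpt above.
    {"asset": "branch-router", "cve": "CVE-2025-2492", "internet_facing": True},
    {"asset": "vpn-sma-01", "cve": "CVE-2021-20035", "internet_facing": True},
    {"asset": "mbp-0031", "cve": "CVE-2025-31200", "internet_facing": False},
]

# Local policy assumption (not BOD 22-01): days allowed after dateAdded when the
# entry has no dueDate, keyed by whether the asset is internet-facing.
SLA_DAYS = {True: 14, False: 21}


def index_kev(feed):
    """Map upper-cased CVE ID -> KEV entry."""
    return {v["cveID"].upper(): v for v in feed["vulnerabilities"]}


def prioritize(findings, kev, today, sla_days=SLA_DAYS):
    """Return findings with KEV status and days left, most urgent first."""
    rows = []
    for f in findings:
        entry = kev.get(f["cve"].upper())
        days_left = None
        if entry:
            if "dueDate" in entry:
                due = date.fromisoformat(entry["dueDate"])
            else:
                added = date.fromisoformat(entry["dateAdded"])
                due = added + timedelta(days=sla_days[f["internet_facing"]])
            days_left = (due - today).days  # negative means overdue
        rows.append({**f, "in_kev": entry is not None, "days_left": days_left})
    # Known-exploited findings first, soonest deadline first; the rest keep scan order.
    rows.sort(key=lambda r: (not r["in_kev"], r["days_left"] if r["in_kev"] else 0))
    return rows


if __name__ == "__main__":
    for row in prioritize(FINDINGS, index_kev(KEV_FEED), date(2025, 4, 21)):
        print(row)
```

Findings that are absent from the catalog still need their own severity-based process; this queue only ensures that evidence of active exploitation sorts first.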
B. Notable Vulnerabilities and Exploits
Specific vulnerabilities garnered attention due to their severity or active exploitation.
- **Microsoft NTLM Spoofing (CVE-2025-24054):** Added to the KEV catalog (Cal Poly, 2025), this medium-severity vulnerability in Windows NTLM allows spoofing over a network. Reports indicated active exploitation, potentially enabling attackers to steal NTLM credentials when a user downloads a file from a malicious server (The Hacker News, n.d.).
- **Apple Vulnerabilities (CVE-2025-31200, CVE-2025-31201):** Also added to KEV, these affect multiple Apple products and relate to memory corruption and arbitrary read/write capabilities, indicating serious potential impacts if exploited (Cal Poly, 2025).
- **ASUS AiCloud Router Flaw (CVE-2025-2492):** A critical vulnerability (CVSS score 9.2) was disclosed affecting ASUS routers with the AiCloud feature enabled. It could allow remote attackers to execute unauthorized functions. Users were urged to update firmware, highlighting risks in consumer networking gear.
- **Linux Kernel Vulnerabilities:** Recent KEV additions included an out-of-bounds access vulnerability (CVE-2024-53197) and an out-of-bounds read vulnerability (CVE-2024-53150) in the Linux Kernel, a frequent target for attackers (Cal Poly, 2025).
- **Oracle Vulnerabilities:** The quarterly patch release addressed multiple vulnerabilities, some allowing remote code execution, across various Oracle products (Center for Internet Security, n.d.).
C. Active Threat Actor Campaigns and Malware
Reports detailed ongoing campaigns and malware threats from various actors.
- **APT29 (Russia-linked):** This sophisticated state-sponsored group, also known as Cozy Bear, was linked to an advanced phishing campaign targeting diplomatic entities in Europe. The campaign used wine-tasting event invitations as lures and deployed a new variant of the WINELOADER malware along with a previously unreported loader dubbed GRAPELOADER (The Hacker News, n.d.).
- **Mustang Panda (China-linked):** This threat actor targeted an organization in Myanmar using an updated toolkit. This included new versions of the TONESHELL backdoor, a lateral movement tool called StarProxy, keyloggers (PAKLOG, CorKLOG), and an Endpoint Detection and Response (EDR) evasion driver named SplatCloak, indicating continuous malware development (The Hacker News, n.d.).
- **Rogue npm Packages:** Researchers discovered malicious packages published to the npm (Node Package Manager) registry. These packages mimicked a legitimate Telegram bot library but contained code to install SSH backdoors on Linux systems and exfiltrate data, highlighting software supply chain risks (The Hacker News, n.d.).
- **Multi-Stage Malware Delivery:** A campaign was observed delivering commodity malware like Agent Tesla (infostealer), Remcos RAT (Remote Access Trojan), and XLoader. The attack chain involved multiple stages, often starting with phishing emails containing specific archive types (e.g., 7-zip) with malicious script files (.JSE mentioned) that download and execute further PowerShell scripts to deploy the final payload (The Hacker News, n.d.).
- **XorDDoS Malware:** Updates emerged on the XorDDoS botnet malware, including the discovery of a new controller and associated infrastructure. This malware targets Linux systems and has expanded its reach to Docker environments and IoT devices, primarily using them to launch Distributed Denial-of-Service (DDoS) attacks (The Hacker News, n.d.).
- **MassJacker Malware:** This cryptojacking malware was noted for stealing cryptocurrency by monitoring the victim's clipboard and replacing copied cryptocurrency wallet addresses with addresses controlled by the attacker. One source cited it targeting potentially 778,000 wallets (Info-Tech Research Group, 2025).
- **Akira Ransomware via Webcam:** A report detailed an attack where the Akira ransomware group allegedly gained initial access to a network by compromising an internet-connected webcam, demonstrating how insecure IoT devices can serve as entry points for major attacks (Info-Tech Research Group, 2025).
The threats observed span sophisticated state-sponsored espionage (APT29, Mustang Panda), financially motivated cybercrime using commodity malware (Agent Tesla, Remcos) and ransomware (Akira), supply chain compromises (npm packages), and specific tactics like cryptojacking (MassJacker) and DDoS (XorDDoS). Attackers utilize diverse vectors including phishing, software vulnerabilities, and insecure IoT devices. This necessitates a comprehensive, layered defense strategy that addresses endpoints, networks, supply chains, IoT, and user awareness, and that incorporates threat intelligence to track evolving adversary tactics, techniques, and procedures (TTPs).
Summary of Significant Vulnerabilities & Threats (April 15-21, 2025)
CVE/Threat Name | Type | Description | Potential Impact | Status/Action |
---|---|---|---|---|
CVE-2025-24054 | Vulnerability (MS NTLM) | Spoofing flaw allowing NTLM credential theft on file download. | Credential Theft, Network Compromise | KEV Added (Apr 17) - Patch Now, Monitor Activity |
CVE-2025-31200 | Vulnerability (Apple) | Memory corruption vulnerability in multiple Apple products. | Arbitrary Code Execution, System Compromise | KEV Added (Apr 17) - Patch Now |
CVE-2025-31201 | Vulnerability (Apple) | Arbitrary read and write vulnerability in multiple Apple products. | Data Exposure/Modification, System Compromise | KEV Added (Apr 17) - Patch Now |
CVE-2021-20035 | Vulnerability (SonicWall) | OS command injection vulnerability in SMA100 appliances. | Remote Code Execution, Network Compromise | KEV Added (Apr 16) - Patch Now |
CVE-2025-2492 | Vulnerability (ASUS) | Critical flaw in AiCloud-enabled routers allowing remote function execution. | Router Compromise, Network Access/Control | Update Firmware Immediately |
Oracle Quarterly Patches | Vulnerability (Oracle) | Multiple vulnerabilities across products, some allowing remote code execution. | Varies (RCE, Data Access, DoS) | Apply Patches Urgently |
APT29 Campaign | APT Campaign (Russia) | Phishing targeting European diplomats using WINELOADER/GRAPELOADER malware. | Espionage, Credential Theft, Network Persistence | Active Campaign - Monitor IOCs, Enhance Phishing Defenses |
Mustang Panda Campaign | APT Campaign (China) | Targeting Myanmar org with updated TONESHELL, StarProxy, EDR bypass tools. | Espionage, Data Exfiltration, Network Persistence | Active Campaign - Monitor IOCs, Update Signatures |
Rogue npm Packages | Supply Chain Attack | Malicious packages mimicking Telegram Bot API planting SSH backdoors on Linux. | Backdoor Access, Data Exfiltration, Server Compromise | Remove Malicious Packages, Audit Dependencies |
Multi-Stage Malware | Malware Delivery | Campaigns delivering Agent Tesla, Remcos RAT, XLoader via phishing/scripts. | Information Theft, Remote Access, System Control | Monitor IOCs, Block Malicious Attachments/Scripts |
XorDDoS Malware | Malware/Botnet | Expanding to Docker, Linux, IoT for DDoS attacks. | DDoS Attacks, Resource Hijacking | Monitor Network Traffic, Secure IoT/Docker |
MassJacker Malware | Malware (Cryptojacking) | Steals cryptocurrency via clipboard hijacking. | Financial Loss (Crypto Theft) | Monitor Clipboard Activity, Use Security Software |
Akira Ransomware | Ransomware | Reportedly used compromised webcam for initial access. | Data Encryption, Extortion, Operational Disruption | Secure IoT Devices, Implement Ransomware Defenses |
IV. Anatomy of the Week's Scams and Attacks
Analyzing the scams and cyberattacks reported during April 15-21 reveals recurring patterns in the methods used by adversaries to achieve their objectives.
A. Dominant Attack Vectors Observed
Attackers employed a range of vectors to initiate contact and deliver malicious payloads:
- **SMS (Smishing):** This was arguably the most highlighted vector, driven by the FTC's data release and warnings (CBS News, 2025). Its effectiveness stems from high open rates and its use for diverse lures like package deliveries, job offers, toll notices, and bank alerts. Smishing is a key component of mobile phishing attacks (Infosecurity Magazine, 2025).
- **Email (Phishing):** Despite the rise of smishing, email remains a cornerstone for cyberattacks. It was central to IRS impersonation scams (Internal Revenue Service, 2025), general imposter scams (AARP, 2025), the delivery of malware like Agent Tesla (The Hacker News, n.d.), and potentially charity fraud (Forbes Advisor UK, 2025). It is still considered the most common type of cybercrime (AAG IT Support, 2025).
- **Malicious/Fake Websites:** These served as destinations for phishing links sent via email or SMS, designed to harvest credentials or payment information (Imperva, 2025). They were also used directly in online shopping and charity scams (Forbes Advisor UK, 2025).
- **Social Media:** Platforms like X were used for cryptocurrency scams via account takeover (Agence France-Presse, 2025). Social media was also noted as a source of bad tax advice leading to incorrect filings (Internal Revenue Service, 2025) and potentially a channel for fake shopping deals (Forbes Advisor UK, 2025).
- **Phone Calls (Vishing):** Voice calls were used for direct impersonation and social engineering, often involving pressure tactics (Infosecurity Magazine, 2025).
- **Compromised Devices/Software:** Attackers exploited vulnerabilities in software and hardware, including IoT devices like webcams (Info-Tech Research Group, 2025), consumer routers (ASUS flaw), and vulnerabilities in operating systems and applications (Apple, Microsoft, Oracle, SonicWall) (Cal Poly, 2025). Malicious software packages in repositories (npm) (The Hacker News, n.d.) represent a software supply chain vector, while malicious email attachments remain a common malware delivery method (The Hacker News, n.d.).
B. Common Deception Tactics Employed
Regardless of the vector, attackers relied heavily on psychological manipulation and technical tricks:
- **Impersonation:** This was nearly universal across scams. Attackers pretended to be government agencies (Internal Revenue Service, 2025; Consumer Advice, 2024), well-known companies (USPS, banks, Amazon) (Federal Trade Commission, 2025), charities (Internal Revenue Service, 2025), potential business contacts (new clients for tax pros) (Internal Revenue Service, 2025), romantic interests (Federal Trade Commission, 2025), or even hacked high-profile accounts (Agence France-Presse, 2025).
- **Urgency/Pressure:** Creating a false sense of urgency is a classic tactic, seen in smishing ("account on hold") (*Phish, Smish*, 2025), fake toll deadlines (Federal Trade Commission, 2025), vishing calls (Century CU, 2025), fake fraud alerts demanding immediate action (Federal Trade Commission, 2025), fake check scams requiring quick fund transfers (AARP, 2025), and tax scams involving threats. It's often cited as a key indicator of fraud (Forbes Advisor UK, 2025).
- **Fake Offers/Deals:** Luring victims with attractive but fraudulent offers was common in online shopping (deep discounts) (Forbes Advisor UK, 2025), travel scams (unrealistic prices) (Forbes Advisor UK, 2025), job scams (easy money promises) (Federal Trade Commission, 2025), fake prize notifications (Imperva, 2025), and tax scams (guaranteed or inflated refunds) (Internal Revenue Service, 2025).
- **Social Engineering:** This broad category encompasses manipulating victims through psychological means. Examples include building rapport in "wrong number" scams (Federal Trade Commission, 2025), exploiting generosity in charity scams (Internal Revenue Service, 2025), leveraging perceived authority in government impersonations (Internal Revenue Service, 2025), and tricking users into performing actions like clicking links, opening attachments, or transferring money. The "ClickFix" tactic, where users are tricked into clicking seemingly harmless elements that trigger malware, was noted as being used by state-sponsored groups.
- **AI/Deepfakes:** An emerging and concerning tactic involves using AI to enhance deception. This includes creating hyper-realistic phishing emails (Gracker, 2025), generating deepfake videos (like the YouTube CEO example) (Info-Tech Research Group, 2025), and voice cloning (NetSPI, 2025). AI tools can lower the barrier for creating convincing social engineering lures (NetSPI, 2025).
- **Malicious Links/Attachments:** These are the technical delivery mechanisms for many attacks, embedded in phishing emails, smishing texts, or malicious websites, leading to credential theft pages or malware downloads (Federal Trade Commission, 2025).
C. Identified Target Demographics and Businesses
While some attacks cast a wide net, others focused on specific groups:
- **General Public:** Broadly targeted by high-volume scams like package delivery texts, toll fraud, online shopping scams, fake charity appeals, and general phishing/smishing campaigns (CBS News, 2025).
- **Job Seekers:** Specifically targeted by phony job offers and task scams, exploiting their search for employment (Federal Trade Commission, 2025).
- **Taxpayers:** A prime target during tax season for IRS impersonation, fake credit offers, misleading advice, and fraudulent tax preparer schemes (Internal Revenue Service, 2025).
- **Tax Professionals:** Uniquely targeted by sophisticated spear phishing campaigns aiming to compromise their systems and steal client data (Internal Revenue Service, 2025).
- **Online Shoppers/Travelers:** Directly targeted by purchase scams and fraudulent travel listings (Forbes Advisor UK, 2025).
- **Older Adults:** Often considered more vulnerable to certain scams, particularly imposter scams and romance/confidence fraud, which report high losses among this demographic (AAG IT Support, 2025).
- **Specific Geographic Regions/Entities:** Highly targeted attacks focused on specific groups, such as European diplomats (by APT29) (The Hacker News, n.d.), an organization in Myanmar (by Mustang Panda) (The Hacker News, n.d.), and US toll road users in specific states (The Hacker News, n.d.).
- **Businesses (General):** Frequent targets of ransomware (AAG IT Support, 2025), phishing (Reddit, 2025), Business Email Compromise (BEC), and supply chain attacks (AAG IT Support, 2025). Small and Medium Businesses (SMBs) are often targeted and may lack resources to defend themselves effectively (AAG IT Support, 2025).
This multi-level targeting approach—casting wide nets with generic lures while simultaneously crafting specific campaigns for demographics, professions, or strategic intelligence goals—means that effective defense requires both broad public awareness and tailored security measures for high-risk groups and functions.
V. Protective Measures and Cybersecurity Awareness (Published/Relevant April 15-21, 2025)
Amidst the reports of scams and threats, various sources provided guidance and best practices for protection and awareness during the week of April 15-21, 2025.
A. Guidance from Official Sources
Key recommendations came from regulatory bodies and security agencies:
- **Federal Trade Commission (FTC):** Focused on text scams, the FTC advised consumers to never click links or respond to unexpected texts. Instead, contact the supposed sender through a verified, independent channel (known website or phone number). Suspicious texts should be forwarded to 7726 (SPAM) to help carriers block them, reported within messaging apps (Apple iMessage, Google Messages), and reported to the FTC via ReportFraud.ftc.gov. Using text filtering tools was also recommended (Federal Trade Commission, 2025). Crucially, the FTC reiterated it never demands money, makes threats, tells people to transfer funds for "protection," or promises prizes (Federal Trade Commission, 2025).
- **Internal Revenue Service (IRS):** Related to tax scams, the IRS advises taxpayers to be alert for fake communications and never click on unsolicited links claiming to be from the IRS (Internal Revenue Service, 2025). Taxpayers should watch for red flags from tax preparers (upfront cash demands, percentage fees, guaranteed refunds, refusal to sign) (AARP, 2025) and use official IRS resources (IRS.gov) to find legitimate preparers (AARP, 2025). Abusive tax schemes and preparers should be reported (*Phish, Smish*, 2025).
- **Action Fraud (UK):** Regarding transaction scams, recommendations included not feeling pressured into online purchases, avoiding bank transfers where possible and using credit cards for better protection (Forbes Advisor UK, 2025). For charity donations, verifying the charity's registration number and donating via the official website (not email links) was advised (Forbes Advisor UK, 2025). For travel, booking directly through trusted operators and checking for ABTA membership was suggested (Forbes Advisor UK, 2025).
- **Cybersecurity and Infrastructure Security Agency (CISA):** CISA's actions and general guidance imply several recommendations: Patch vulnerabilities listed in the KEV catalog promptly. Implement phishing-resistant Multi-Factor Authentication (MFA) wherever feasible (Cal Poly, 2025). Monitor authentication logs for anomalies (Cal Poly, 2025). Be aware of nation-state threats (CISA, n.d.). Secure networks adequately (CISA, n.d.). Participate in information sharing initiatives (CISA, n.d.).
B. Recommended Best Practices
Consolidated advice from various security awareness articles and resources includes:
- **Think Before You Click:** A fundamental rule for any unsolicited link or attachment in emails, texts, or messages (1111 Systems, 2025).
- **Strong, Unique Passwords & Password Managers:** Use long, complex, unique passwords for different accounts. Password managers help create and store these securely (1111 Systems, 2025). Upcoming awareness events like World Password Day (May 1) reinforce this message (The Security Company, n.d.).
- **Multifactor Authentication (MFA):** Enable MFA on all accounts that offer it, especially critical ones like email, financial, and social media. Phishing-resistant forms (like FIDO2 keys) offer the strongest protection (Cal Poly, 2025).
- **Software Updates:** Regularly update operating systems, applications, and security software to install the latest patches and protect against known vulnerabilities (1111 Systems, 2025).
- **Recognize & Report Phishing/Smishing:** Train yourself and employees to spot the signs of phishing and smishing (suspicious sender, urgent tone, generic greeting, typos, requests for sensitive info). Report suspicious messages to relevant parties (IT dept, 7726, FTC) (Federal Trade Commission, 2025).
- **Secure File Sharing:** Use company-approved, encrypted methods for sharing sensitive data (1111 Systems, 2025).
- **Use Company Devices Wisely:** Avoid personal browsing, downloading unapproved apps, or using unsecured networks on work devices (1111 Systems, 2025).
- **Verify Requests:** Independently verify unexpected requests for information or action, especially those involving money transfers or credentials. Contact the supposed sender using a known, trusted method (e.g., official website phone number), not the contact info provided in the suspicious message (Federal Trade Commission, 2025).
- **Be Skeptical of Urgency/Offers:** Recognize high-pressure tactics and deals that seem "too good to be true" as red flags for scams (Imperva, 2025).
- **Data Backup:** Regularly back up important data to a secure, separate location. This is crucial for recovery from ransomware attacks. Ensure employees know which backup solutions are approved (The Security Company, n.d.). World Backup Day (March 31) serves as a reminder (The Security Company, n.d.).
- **Mobile Device Security/SMS Filtering:** Implement security policies for mobile devices and utilize SMS filtering tools or features provided by carriers or apps (Imperva, 2025).
C. Specific Defenses Against Prevalent Scams
Tailored advice for the week's most common threats includes:
- **Text Scams:** Actively use SMS filters, block suspicious numbers, report vigorously (to 7726, FTC, and within messaging apps), and always verify legitimacy through official channels before acting (Federal Trade Commission, 2025).
- **Phishing/Impersonation:** Scrutinize sender details, hover over links (on desktop) to check the destination URL, be wary of urgent or unusual requests, use MFA, and verify identity through a separate communication channel (*Phish, Smish*, 2025).
- **Tax Scams:** Use only reputable tax preparers (check IRS directory), question unrealistic promises, do not provide sensitive information based on unsolicited contact, and be wary of payment demands in unusual forms (e.g., gift cards) (AARP, 2025).
- **Online Shopping/Travel:** Prefer credit cards for purchases due to better fraud protection, research sellers/providers for reviews and legitimacy, ensure website connections are secure (HTTPS), and be highly skeptical of prices far below market value (Forbes Advisor UK, 2025).
- **Fake Checks:** Be aware that deposited funds may appear available before a check fully clears (which can take weeks). Be extremely suspicious of overpayments or any scenario requiring you to quickly send money back or to a third party after depositing a check (AARP, 2025).
- **AI/Deepfakes:** Heighten skepticism for unexpected communications, even if they appear highly personalized or authentic. For sensitive requests (e.g., fund transfers, credential changes), use multi-channel verification – confirm an email request with a phone call to a known number, or vice versa. (Derived from threat descriptions) (Gracker, 2025).
D. Cybersecurity Awareness Initiatives & Culture
Building a resilient defense requires more than just technical tools; it involves people and culture.
- **Ongoing Awareness Efforts:** Events like Cyber Awareness Week (1111 Systems, 2025), Cybersecurity Awareness Month (October) (Hudson, OH, n.d.), SANS Security Awareness Summit (SANS, 2025), and specific awareness days (Identity Management Day - Apr 8, World Password Day - May 1) (The Security Company, n.d.) serve as focal points for reinforcing security messages. Kennesaw State University's mandatory training ending April 21 is an example of institutional efforts (Kennesaw State University, n.d.). America's Credit Unions also held a cybersecurity conference focusing on awareness and training (America's Credit Unions, n.d.).
- **Shared Responsibility:** Cybersecurity is not solely an IT department issue; it's a business-wide responsibility (NetSPI, 2025). Human error is cited as a factor in a vast majority (95%) of cybersecurity incidents (1111 Systems, 2025), making every employee a crucial part of the defense.
- **Training and Engagement:** Effective security relies on continuous training, simulated phishing exercises to test awareness, and security workshops (1111 Systems, 2025).
- **Security Culture:** The goal is to foster a culture where secure behaviors are ingrained and employees feel empowered and responsible for security (1111 Systems, 2025).
The consistent emphasis on human error (1111 Systems, 2025) highlights that while technical vulnerabilities are exploited, many successful attacks hinge on deceiving an individual (Federal Trade Commission, 2025). This makes informed, vigilant users the first and often best line of defense (The Security Company, n.d.). Consequently, investing in high-quality, continuous security awareness training that adapts to evolving threats like AI-powered social engineering (Gracker, 2025) is not merely a compliance activity but a critical risk mitigation strategy.
VI. Observed Impacts and Emerging Trends (Relevant to April 15-21, 2025 context)
Analysis of reports and data relevant to the mid-April 2025 timeframe reveals significant financial and operational consequences of cyber threats, alongside key technological and strategic trends shaping the landscape.
A. Financial and Operational Impacts
The tangible costs of cybercrime and scams continue to escalate.
- **Direct Financial Losses:** The $470 million lost to text scams in 2024 (CBS News, 2025) and £18 million lost to UK purchase scams in Q1 2025 (Forbes Advisor UK, 2025) are stark indicators of direct financial harm. Overall fraud losses reported to the FTC reached $12.5 billion in 2024, a 25% increase from 2023, though actual losses are likely much higher due to underreporting (AARP, 2025). Projections estimate global cybercrime costs could reach $10.5 trillion annually by 2025 (Cybersecurity Ventures, 2016). Ransomware damage costs have soared dramatically (Cybersecurity Ventures, 2016). While average individual losses from phishing might seem low ($136 cited) (AAG IT Support, 2025), the average cost of a data breach is significantly higher ($12,124 cited) (AAG IT Support, 2025). Specific scam types like romance/confidence fraud also result in massive aggregate losses ($956M reported in US 2021) (AAG IT Support, 2025).
- **Operational Disruption:** Beyond direct financial theft, cyberattacks cause significant operational disruption. Ransomware attacks can cripple businesses and critical services (examples like JBS, Costa Rica cited) (AAG IT Support, 2025). The average time to identify (197 days) and contain (69 days) a breach indicates prolonged disruption potential (AAG IT Support, 2025). Geopolitical tensions are also a major concern for operational disruption via cyberattacks (45% of CISOs most concerned about this) (reports.weforum.org, 2025).
- **Reputational Damage:** The loss of customer trust and damage to brand reputation are significant consequences of breaches and scams, often cited alongside financial losses (reports.weforum.org, 2025).
- **Compliance Burden:** The increasing number and fragmentation of cybersecurity regulations globally add a significant compliance burden and cost for organizations (reports.weforum.org, 2025). New mandates, like Switzerland's requirement for early disclosure of cyberattacks, contribute to this (Info-Tech Research Group, 2025).
B. The Growing Influence of AI in Cyber Threats
Artificial Intelligence is rapidly transitioning from a future concept to a present-day factor in cybersecurity, acting as a double-edged sword.
- **AI-Powered Attacks:** AI is being used by attackers to create more sophisticated malware and phishing campaigns (Gracker, 2025). This includes hyper-realistic deepfake phishing messages (Gracker, 2025) and videos (Info-Tech Research Group, 2025). Adversarial advances powered by Generative AI (GenAI) are cited as a primary concern by nearly half (47%) of organizations, enabling more scalable and effective attacks (reports.weforum.org, 2025).
- **Deepfakes:** The use of deepfakes for impersonation in phishing attacks (Gracker, 2025) and voice cloning for vishing or social engineering (NetSPI, 2025) makes traditional verification methods less reliable.
- **Lowering Barrier to Entry:** Widely available AI tools significantly lower the skill required to conduct effective social engineering attacks. Large language models can generate convincing phishing emails from simple prompts, and voice cloning requires minimal audio input (NetSPI, 2025).
- **AI for Defense:** Concurrently, AI and Machine Learning (ML) are increasingly vital for defense. They are used for automating threat detection, incident response, vulnerability management, and identifying anomalies (Gracker, 2025). Predictions include the rise of autonomous AI agents for network monitoring and response (NetSPI, 2025). However, as AI gains autonomy, establishing clear accountability frameworks becomes essential (NetSPI, 2025).

The rapid co-evolution of AI in both attack and defense creates a dynamic arms race. AI enhances the effectiveness and scale of existing threats like phishing (Gracker, 2025), demanding more sophisticated defenses, which themselves increasingly rely on AI (NetSPI, 2025). This necessitates that organizations actively monitor AI developments, evaluate AI-powered defensive tools, and prepare their workforce for AI-driven attack methods.
C. Persistence of Social Engineering and Foundational Threats
Despite technological advancements, fundamental threats and challenges persist.
- **Phishing/Smishing Dominance:** These social engineering techniques remain top threats, exploiting human psychology rather than just technical flaws (Federal Trade Commission, 2025).
- **Ransomware:** Continues to be a major, growing threat causing significant damage and disruption (Internal Revenue Service, 2025). Attackers are evolving tactics, such as targeting backups and APIs (Ransomware 3.0) (Gracker, 2025).
- **Supply Chain Complexity:** The interconnectedness of digital supply chains creates opaque and significant risks, identified as a leading barrier to cyber resilience for large organizations (AAG IT Support, 2025).
- **Skills Gap:** A persistent shortage of cybersecurity professionals hinders organizations' ability to manage risks effectively, particularly impacting the public sector and smaller organizations (reports.weforum.org, 2025).
- **Cyber Inequity:** A widening gap exists between the cyber resilience capabilities of large organizations versus small ones, and between developed versus emerging economies (reports.weforum.org, 2025). Small organizations are seen as potentially reaching a "critical tipping point" where they can no longer adequately secure themselves (reports.weforum.org, 2025).
- **Data Silos & Tech Debt:** Internal organizational issues like data silos between IT and security teams limit visibility and impede incident response (Ivanti, 2025). Accumulated technical debt from legacy systems increases vulnerability and hinders the adoption of modern security practices (Ivanti, 2025).
D. Emerging Technological Concerns
Looking slightly beyond the immediate threats, certain technological shifts raise future concerns:
- **Quantum Hacking:** The eventual development of powerful quantum computers poses a threat to current cryptographic standards. Preparing for this requires transitioning to post-quantum cryptography (Gracker, 2025).
- **IoT Security:** The proliferation of Internet of Things (IoT) devices, accelerated by 5G deployment, expands the attack surface. Insecure devices can be entry points for broader network compromises, as seen with the webcam/ransomware example (Gracker, 2025).
- **Cloud Security:** As more data moves to the cloud (Cybersecurity Ventures, 2016), securing cloud environments remains critical. Concerns about unauthorized access to cloud platforms (like the legacy Oracle environment mentioned) (Cal Poly, 2025) persist.
VII. Conclusion and Strategic Recommendations
The cybersecurity landscape observed during April 15-21, 2025, underscores a complex interplay between rapidly evolving technological threats and persistent, human-focused scams. The significant financial impact of smishing, amplified by its high success rate, demands immediate attention. Simultaneously, the increasing sophistication of phishing attacks, potentially augmented by AI and deepfakes, necessitates a fundamental shift in user awareness training. Critical vulnerability disclosures continue at a pace that requires disciplined and rapid patch management, yet foundational security weaknesses related to access control, monitoring, and legacy systems remain prevalent challenges. State-sponsored actors and organized cybercriminals continue to refine their TTPs, exploiting supply chains, IoT devices, and human fallibility.
Based on the analysis of threats and trends observed during this period, the following strategic recommendations are crucial for enhancing organizational and individual cyber resilience:
- **Prioritize Smishing Defense:** Recognize smishing as a high-impact threat. Implement robust SMS filtering solutions, intensify user awareness training specifically addressing text-based lures and tactics, and strongly promote reporting mechanisms like forwarding to 7726 and reporting to the FTC.
- **Evolve Phishing Training:** Move beyond basic identification of typos. Train users to critically evaluate context, sender authenticity, and unexpected requests, even if messages appear legitimate or personalized (potentially via AI). Emphasize mandatory verification through separate, trusted communication channels before acting on sensitive requests, especially those involving fund transfers or credentials. Prepare users for deepfake threats.
- **Maintain Rigorous Patching Cadence:** Closely monitor CISA's KEV catalog and vendor security advisories (e.g., Microsoft, Apple, Oracle, networking equipment manufacturers). Implement a risk-based approach to prioritize and apply critical patches urgently to mitigate known exploited vulnerabilities.
- **Strengthen Foundational Security Controls:** Invest in and enforce phishing-resistant Multi-Factor Authentication (MFA) across all critical systems. Continuously review and improve access management policies (least privilege). Enhance security monitoring and logging capabilities for early threat detection. Develop strategies to address technical debt and mitigate risks associated with legacy systems. Actively work to break down data silos between IT and security teams to improve visibility and response coordination (Ivanti, 2025).
- **Bolster Supply Chain Security:** Enhance vendor risk management processes. Increase scrutiny of third-party security practices and demand greater transparency (e.g., through Software Bills of Materials - SBOMs). Monitor for threats originating from compromised suppliers or software components.
- **Foster a Proactive Security Culture:** Champion cybersecurity from the leadership level down. Implement continuous, engaging security awareness training that focuses on behavioral change. Make cybersecurity a shared responsibility across all departments, empowering employees to be the first line of defense.
- **Leverage Threat Intelligence:** Stay informed about the evolving TTPs of relevant threat actors (including APTs and cybercriminals), active malware campaigns, and prevalent scam types. Use threat intelligence to inform defensive strategies and prioritize resources.
- **Prepare for AI Impacts:** Understand how AI is being used both offensively and defensively. Cautiously evaluate AI-powered security tools for their actual effectiveness and potential biases. Develop incident response playbooks that account for AI-driven attacks, including deepfakes and highly convincing social engineering.
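The KEV guidance under the CISA heading and the "Maintain Rigorous Patching Cadence" recommendation both come down to matching catalog entries against what is actually deployed and ordering the resulting work. The following is an added example, not part of the original report or CISA tooling: the field names follow CISA's published KEV JSON feed, while the CVE identifiers, vendors, dates, inventory and the ordering rule are constructed placeholders and assumptions.

```python
import json
from datetime import date

# Constructed extract in the shape of the KEV JSON feed. The CVE IDs are
# placeholders and the vendors/products are made up.
KEV_JSON = """{"vulnerabilities": [
  {"cveID": "CVE-0000-0001", "vendorProject": "VendorA", "product": "Gateway",
   "dueDate": "2025-04-18", "knownRansomwareCampaignUse": "Unknown"},
  {"cveID": "CVE-0000-0002", "vendorProject": "VendorB", "product": "Desktop OS",
   "dueDate": "2025-05-08", "knownRansomwareCampaignUse": "Known"},
  {"cveID": "CVE-0000-0003", "vendorProject": "VendorC", "product": "Phone OS",
   "dueDate": "2025-05-01", "knownRansomwareCampaignUse": "Unknown"},
  {"cveID": "CVE-0000-0004", "vendorProject": "VendorD", "product": "Mail Server",
   "dueDate": "2025-04-25", "knownRansomwareCampaignUse": "Unknown"}
]}"""

# Constructed asset inventory (hypothetical hosts).
INVENTORY = [
    {"host": "vpn-01", "vendor": "vendora", "product": "gateway", "internet_facing": True},
    {"host": "ws-114", "vendor": "VendorB", "product": "Desktop OS", "internet_facing": False},
    {"host": "mdm-pool", "vendor": "VendorC", "product": "Phone OS", "internet_facing": False},
    {"host": "web-02", "vendor": "VendorB", "product": "Desktop OS", "internet_facing": True},
]


def prioritize(kev_json, inventory, today):
    """Match KEV entries to inventory and return patch work in priority order.

    Ordering (an assumption for this example): overdue items first, then
    known ransomware use, then internet-facing assets, then nearest due date.
    """
    by_product = {}
    for entry in json.loads(kev_json)["vulnerabilities"]:
        key = (entry["vendorProject"].casefold(), entry["product"].casefold())
        by_product.setdefault(key, []).append(entry)

    work = []
    for asset in inventory:
        key = (asset["vendor"].casefold(), asset["product"].casefold())
        for entry in by_product.get(key, []):
            due = date.fromisoformat(entry["dueDate"])
            work.append({
                "host": asset["host"],
                "cve": entry["cveID"],
                "days_left": (due - today).days,  # negative means overdue
                "ransomware": entry.get("knownRansomwareCampaignUse") == "Known",
                "internet_facing": asset["internet_facing"],
            })

    # False sorts before True, so each "not" puts the riskier case first.
    work.sort(key=lambda w: (w["days_left"] >= 0, not w["ransomware"],
                             not w["internet_facing"], w["days_left"]))
    return work


if __name__ == "__main__":
    for item in prioritize(KEV_JSON, INVENTORY, date(2025, 4, 21)):
        print(item)
```

Exact vendor and product string matching is the weak point of this sketch; real inventories usually need a normalisation step (for example CPE names) before the join is reliable.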
In conclusion, the period of April 15-21, 2025, served as a microcosm of the broader cybersecurity challenge: a landscape where cutting-edge exploits coexist with age-old deception techniques. Navigating this requires a dynamic, multi-layered strategy that combines technical diligence, robust foundational security, adaptive threat intelligence, and, critically, an informed and vigilant human element. Proactive adaptation and continuous improvement are essential for staying ahead of adversaries in this complex environment.
References
- AAG IT Support. (2025, April 20). *The latest cyber crime statistics (updated April 2025)*. Retrieved April 20, 2025, from https://aag-it.com/the-latest-cyber-crime-statistics/
- AARP. (2025, April 20). *SCAM ALERT: Be on the lookout for these scams in April 2025*. Retrieved April 20, 2025, from https://states.aarp.org/new-hampshire/scam-alert-be-on-the-lookout-for-these-scams-in-april-2025
- Agence France-Presse. (2025, April 15). *Crypto scammers hack UK minister...*. NAMPA. https://www.nampa.org/text/22610617
- America's Credit Unions. (n.d.). *Cybersecurity conference 2025 | America's Credit Unions*. Retrieved April 20, 2025, from https://www.americascreditunions.org/events-training/conference/cybersecurity-conference-2025
- Cal Poly. (2025, April 20). *US CERT current activity – Information security*. Retrieved April 20, 2025, from https://security.calpoly.edu/aggregator/sources/2
- CBS News. (2025, April 20). *FTC says people lost $470 million to text scams in 2024*. https://www.cbsnews.com/texas/video/ftc-says-people-lost-470-million-to-text-scams-in-2024/
- Century CU. (2025, March 20). *Phishing, smishing, and vishing: Here's how these scam attacks differ*. Retrieved April 20, 2025, from https://blog.centurycu.org/2025/03/20/phishing-smishing-and-vishing-heres-how-these-scam-attacks-differ/
- Center for Internet Security. (n.d.). *Cybersecurity threats*. Retrieved April 20, 2025, from https://www.cisecurity.org/cybersecurity-threats
- CISA. (n.d.). *Cyber threats and advisories*. Retrieved April 20, 2025, from https://www.cisa.gov/topics/cyber-threats-and-advisories
- Consumer Advice. (2024, January 24). *Did someone tell you to move or transfer your money? It could be a scam*. Federal Trade Commission. Retrieved April 20, 2025, from https://consumer.ftc.gov/consumer-alerts/2024/01/did-someone-tell-you-move-or-transfer-your-money-it-could-be-scam
- Consumer Advice. (2025, April 20). *Archivo de las alertas para consumidores*. Federal Trade Commission. Retrieved April 20, 2025, from https://consumer.ftc.gov/alertas-para-consumidores/archivo/202504
- Cybersecurity Ventures. (2016, October 21). *Cybercrime to cost the world $10.5 trillion annually by 2025*. Retrieved April 20, 2025, from https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/
- Federal Trade Commission. (2025, April 20). *New FTC data show top text message scams of 2024; Overall...*. https://www.ftc.gov/news-events/news/press-releases/2025/04/new-ftc-data-show-top-text-message-scams-2024-overall-losses-text-scams-hit-470-million
- Forbes Advisor UK. (2025, April 20). *Five scams to beware in 2025*. Retrieved April 20, 2025, from https://www.forbes.com/uk/advisor/personal-finance/scams-beware/
- Gracker. (2025, April 20). *25+ emerging cybersecurity trends to watch in 2025*. Retrieved April 20, 2025, from https://blog.gracker.ai/cybersecurity-trends-2025/
- Hudson, OH. (n.d.). *News Flash • It's National Cybersecurity Awareness Month*. Retrieved April 20, 2025, from https://www.hudson.oh.us/CivicAlerts.aspx?AID=3414
- Imperva. (2025, April 20). *What is smishing (SMS phishing) | Types & prevention*. Retrieved April 20, 2025, from https://www.imperva.com/learn/application-security/smishing/
- Info-Tech Research Group. (2025, April 20). *Threat landscape briefing – April 2025*. Retrieved April 20, 2025, from https://www.infotech.com/videos/threat-landscape-briefing-april-2025
- Infosecurity Magazine. (2025, April 20). *CISA throws lifeline to CVE program with contract extension*. Retrieved April 20, 2025, from https://www.infosecurity-magazine.com/news/cisa-cve-program-mitre-contract/
- Infosecurity Magazine. (2025, April 20). *CISA denies reports of shift in cybersecurity posture amid Russian threats*. Retrieved April 20, 2025, from https://www.infosecurity-magazine.com/news/cisa-denies-report-russian-threats/
- Infosecurity Magazine. (2025, April 20). *Mobile phishing attacks surge with 16% of incidents in US*. Retrieved April 20, 2025, from https://www.infosecurity-magazine.com/news/mobile-phishing-attacks-surge-16/
- Internal Revenue Service. (2025, April 20). *Dirty Dozen tax scams for 2025: IRS warns taxpayers to watch out...*. https://www.irs.gov/newsroom/dirty-dozen-tax-scams-for-2025-irs-warns-taxpayers-to-watch-out-for-dangerous-threats
- Ivanti. (2025, April 20). *State of cybersecurity trends report 2025*. Retrieved April 20, 2025, from https://www.ivanti.com/resources/research-reports/state-of-cybersecurity-report
- Journal of Accountancy. (2025, February). *Phish, smish, and spear phish: IRS releases 2025's Dirty Dozen*. Retrieved April 20, 2025, from https://www.journalofaccountancy.com/news/2025/feb/phish-smish-and-spear-phish-irs-releases-2025-dirty-dozen/ (Cited as *Phish, Smish* in text)
- Kennesaw State University. (n.d.). *Cybersecurity awareness training*. Retrieved April 20, 2025, from https://www.kennesaw.edu/uits/security/cybersecurity-awareness-training.php
- NetSPI. (2025, April 20). *2025 cybersecurity trends that redefine resilience, innovation, and trust*. Retrieved April 20, 2025, from https://www.netspi.com/blog/executive-blog/security-industry-trends/2025-cybersecurity-trends/
- Oig.dhs.gov. (2025, January 25). *Cybersecurity system review of a selected high value asset at CISA*. Retrieved April 20, 2025, from https://www.oig.dhs.gov/sites/default/files/assets/2025-01/OIG-25-08-Jan25.pdf
- Reddit. (2025, April 20). *phishing attacks in 2025 new trends and data on evolving threats*. Retrieved April 20, 2025, from https://www.reddit.com/r/phishing/comments/1jwus9v/phishing_attacks_in_2025_new_trends_and_data_on/
- reports.weforum.org. (2025, April 20). Retrieved April 20, 2025, from https://reports.weforum.org/docs/WEF_Global_Cybersecurity_Outlook_2025.pdf
- SANS. (2025, April 20). *SANS security awareness summit 2025*. Retrieved April 20, 2025, from https://www.sans.org/cyber-security-training-events/security-awareness-summit-2025/
- The Hacker News. (n.d.). *The Hacker News | #1 trusted source for cybersecurity news*. Retrieved April 20, 2025, from https://thehackernews.com/
- The Security Company. (n.d.). *2025 cyber security and awareness calendar | Key dates and...*. Retrieved April 20, 2025, from https://thesecuritycompany.com/online-2025-cyber-security-calendar/
- 1111 Systems. (2025, April 20). *Cyber awareness week 2025 highlights tips for safer workplaces*. Retrieved April 20, 2025, from https://1111systems.com/blog/stay-ahead-of-cyber-threats-cyber-awareness-week-2025/