According to a report by the FTC, there has been a critical escalation in financial fraud, with reported consumer losses surging by 25% to a record-breaking $12.5 billion. 

Digital threat actors use a coordinated orchestration of social engineering and technical attacks to steal money, personal information, login credentials, and more. 

The holiday season is a prime time for them to strike, as a majority of the world is more active online purchasing gifts, communicating with family, and traveling.

1. Watch out for AI-powered scams: Deepfakes are more convincing with the improvements of AI visual and auditory technology. Remain vigilant regarding unexpected, urgent communication from peers, colleagues, family members, and loved ones suggesting that they need money to cope with an emergency. Use trusted and verified means to confirm these types of outreaches before engaging with a potential scammer.

2. Ensure you’re using two-factor authentication (preferably to an authenticator app) and a complex password on your critical accounts: If you can spare fifteen minutes, our team can help diagnose your password and account strength, and recommend any required changes.

3. Trust, but verify: Don’t click any links before verifying their authenticity. Reach out to our team about any suspicious communications or websites that may seem “too good to be true.” Does the flight seem a little too convenient? Does the purchase seem unreasonably accessible? Email or call us, and we’ll confirm whether the website you’re accessing is legitimate before you proceed.

4. Resist saving credit cards at online shops: Unless your account is protected with MFA, we recommend not saving payment information in online payment portals. We recommend, instead, saving your payment information in your password manager of choice. This way, it can be easily autofilled with minimum risk. We recommend 1Password and are happy to assist in setting up or configuring your account so that shopping is maximally easy and maximally safe.

_________________________________________________________________________

In today's hyper-connected world, corporate leaders and high-net-worth individuals are prime targets for sophisticated cyber threats. But the weakest link isn't at the office, it's in their personal lives. Discover practical solutions, expert analysis, and behind-the-scenes stories on the unique and evolving security challenges faced by C-suite executives, board members, high-profile individuals, and their families in this podcast from BlackCloak.

https://blackcloak.io/podcasts/

Open Source Intelligence (OSINT) illuminates just how much of your personal information is available for threat actors to build a comprehensive profile of you. In this BlackCloak blog post, OSINT and Threat Intelligence Manager Chris Carter breaks down exactly what OSINT can reveal about you, and how it's weaponized by cybercriminals.

https://blackcloak.io/youre-being-watched-what-osint-can-reveal-about-you/

Preparing the next generation to take the reins of a high-net-worth family’s assets is a perennial challenge. That’s why many financial institutions host those sophisticated “next-gen” weekends, think Ivy League recruiting meets a financial seminar, to educate and connect the future custodians of wealth.

But when it comes to the curriculum for those currently under 25, there’s a dangerous blind spot that is actively increasing your family’s cyber risk.

https://blackcloak.io/your-tech-savvy-kids-are-a-cyber-hackers-dream/

___________________________________________________________________________

183 million email addresses and passwords, including millions of Gmail accounts, have been exposed online via infostealer malware. Individuals reusing their login credentials for multiple accounts are at risk, as this data enables criminals to execute password-spraying attacks and compromise multiple accounts with a single set of credentials. We recommend enabling MFA/2FA on all accounts and refreshing the passwords for your critical accounts. Please contact our team if you need assistance with this.

Read more here: https://nypost.com/2025/10/27/business/183m-email-passwords-exposed-in-data-leak-including-millions-of-gmail-accounts-heres-how-to-check-if-yours-is-safe/

A Florida woman was conned out of $15,000 after receiving a highly realistic call that used an AI-cloned version of her daughter's voice. In response to the fraudulent demands, her family provided the money. The scam was only uncovered because a relative called the daughter's actual phone number and found that she was safe. 

Read more here: https://www.wesh.com/article/florida-mom-scammed-ai-clones-daughters-voice/65436683

Read more here: https://cybersecuritynews.com/hikvisionexploiter-exploitation-toolkit/

In a report written by The Economist, AI/LLMs are dramatically lowering the skill requirement for hackers, enabling them to quickly create sophisticated malware and launch highly convincing spear-phishing attacks using deepfakes and fake voice/video calls. Fraud estimates from these type of scams are projected to reach $40 billion by 2027. To stay safe, the most critical steps are to always verify the identity of anyone making an urgent request through a separate channel, enable Multifactor Authentication (MFA) on all key accounts, and use strong, unique passwords. 

Read more here: https://www.economist.com/business/2025/08/19/how-ai-powered-hackers-are-stealing-billions

Windows 10 and Ventura macOS are now considered “End of Life”, by Microsoft and Apple. This means that the companies will stop issuing critical security updates and bug fixes for these operating systems, which presents a serious security risk to members who are still using them. Please update any computers currently using Windows 10 or Ventura macOS. If you aren’t sure if your computer is running one of these unsupported operating systems, please reach out to the BlackCloak team for assistance.

Reach out to the BlackCloak team here: https://blackcloak.io/concierge-portal/