InfoSecBulletin Cybersecurity for mankind
CISA warned that criminals are pretending to be its employees in phone calls in order to trick people into sending them money. “The Cybersecurity and Infrastructure Security Agency (CISA) is aware of recent impersonation scammers claiming to represent the agency,” CISA warned on Wednesday.
“As a reminder, CISA staff will never contact you with a request to wire money, cash, cryptocurrency, or use gift cards and will never instruct you to keep the discussion secret.” “Additionally, the cybersecurity agency shared some helpful tips to avoid falling prey to these scams.”
Samsung phone is saving your passwords in plain text
UK Software Firm Exposed 8 million of Healthcare Worker Records
GitHub Enterprise Server Vulns Expose Risk of Code Execution
CVE-2025-2492
ASUS warns of critical auth bypass flaw in routers
16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia
Patch now! Critical Erlang/OTP SSH Vuln Allows UCE
CISA warns of increasing risk tied to Oracle legacy Cloud leak
CVE-2025-20236
Cisco Patches Unauthenticated RCE Flaw in Webex App
Apple released emergency security updates for 2 zero-day vulns
Oracle Released Patched for 378 flaws for April 2025
If you think you’re getting a scam call from someone claiming to be a CISA employee, never send them money, make a note of their number, and hang up right away.
CISA advised to call at 844-729-2472 (844-SAY-CISA) or report the scam attempts to law enforcement to validate the contact.
In 2024, the average financial loss due to impersonation scams rose to $7,000 from $3,000 in 2019. Based on FTC data, these scams caused over $1.1 billion in losses in 2023, which is three times higher than the amount in 2020.
“Reports show an increasingly blurred line between business and government impersonation scams,” the FTC said.
