Delhi Police has busted a major international cyber fraud syndicate that involved over 2,000 complaints and scams worth over Rs 300 crore. It is reported that the police have arrested the alleged mastermind behind this syndicate and 10 others.

This ongoing fraud came into light as a city resident, Sultan, filed a complaint alleging that he was duped of Rs 31.45 lakh after being lured into an investment scheme.

What was found in the investigation?

The police started an investigation, and it was found that the victim was persuaded to download a fake trading application and invest money with promises of high returns. But when he tried to withdraw the profits, the app stopped working, and the associated group became inaccessible.

During the investigation, police uncovered a well-organised network operating across multiple states with links to international cyber fraud syndicates, particularly in Cambodia.

The police said in a statement, “We have so far identified over 260 bank accounts linked to more than 100 fictitious companies used to channel the proceeds of crime. The total number of complaints linked to the syndicate stands at 2,567.”

According to Deputy Commissioner of Police (Crime Branch), Aditya Gautam, the key accused, Karan Kajaria, was arrested at Kolkata airport on April 3 after a Look Out Circular was issued against him. He was then brought to Delhi for further investigation.

Reportedly, the syndicate created fake investment platforms and messaging groups to lure victims. They used mule bank accounts arranged through intermediaries and deployed malicious apps to capture sensitive banking details, including OTPs. The money collected with this scam was routed through a complex network of bank accounts and shell companies to obscure the trail.

In this scam, Kajaria is said to be the main coordinator who maintained direct links with foreign-based operators and facilitated the movement of funds through cryptocurrency channels. As per the DCP, he was involved in procuring mule bank accounts and sharing sensitive details via encrypted social media platforms, while he also travelled abroad frequently, supposedly to strengthen links with overseas fraud networks.

It is revealed that Kajaria tried to evade his arrest by staying abroad, but technical surveillance helped investigators trace the network to Kolkata, where several bank accounts and shell entities were operating. And when Kajaria arrived at Kolkata airport, he was arrested.

According to the DCP, during interrogation, Kajaria has allegedly confessed to his involvement in the syndicate. Meanwhile, accounts linked to his network were associated with more than 2,500 registered complaints on the National Cybercrime Reporting Portal and the fraud of Rs 300 crore.

This syndicate was active for the past 4-5 years and operated across multiple states. Apart from Kajaria, 10 other accused have been arrested in the case so far. The police have also recovered 48 mobile phones, 258 SIM cards, multiple ATM cards and cheque books, 4 laptops, and several banking and KYC documents. The investigation is still ongoing to catch the other members of this syndicate.

Via.

The post Delhi Police busted a major Rs 300 Crore International Cyber Fraud Syndicate; Key accused arrested appeared first on The Tech Outlook.

The rumours of an LPG shortage have been circulating in India for a long time now, increasing users’ fear and concern. Well, scammers are now exploiting this fear among Indian users by circulating malicious messages and links online, posing as LPG booking and KYC update messages.

There have been numerous cases reported where Indian LPG users have been scammed by clicking on malicious links and downloading APK files disguised as LPG service updates/ LPG booking/ KYC update messages.

Users on X, Facebook and other social media platforms have also reported receiving bulk SMS or WhatsApp messages from suspicious sender IDs such as LPG, Indane, and LPG Fast. It also reported that the scammers have developed fake websites using the names of LPG companies.

Police officials in various states have already issued warnings regarding the increase in such cases. The Indian Bank has also urged users not to click on unknown links and share personal information. Users are advised to always verify such messages and links through official channels before proceeding with them, in order to protect their bank accounts from fraud.

If you have received any such suspicious message or link, then you can report it immediately to cyber fraud by dialling 1930 or visiting cybercrime.gov.in.

Meanwhile, authorities have already begun issuing alerts across social media platforms and have also deployed personnel in residential areas to spread awareness regarding these scams.

Stay alert and stay safe!!

The post Beware! Fake LPG Payment and KYC update messages with malicious links being circulated online appeared first on The Tech Outlook.

Last year, the RBI issued its guidelines on the authentication mechanism framework for digital payment transaction authentication. As per the guidelines, it was stated that two-factor authentication will be made mandatory for all digital payments starting 1^st April 2026.

The Reserve Bank of India ( Authentication mechanisms for digital payment transactions) Directions, 2025, shall apply to all Payment System Providers and Payment System Participants (banks and non-banks). These directions will apply to all domestic digital payment transactions.

It is mandated that every digital payment transaction must be authenticated using at least two distinct factors like passwords, PINs, SMS-based OTPs, hardware tokens or cards, software-based authentication tokens, fingerprints or facial recognition. In practice, most users may not see a dramatic shift immediately, as OTPs and PINs are already widely used.

Issuers such as banks, card networks and fintechs can offer customers a preference for authentication methods in compliance with the directions. It shall be ensured that for digital payment transactions, other than card present transactions, at least one of the factors of authentication is dynamically created or proven.

An issuer shall ensure the robustness and integrity of the authentication mechanism before deployment. If any loss arises out of transactions effected without complying with the directions, the issuer shall compensate the customer for the loss in full without demur.

It is said that by 1^st October 2026, card issuers shall put in place a mechanism to validate non-recurring, cross-border card not present (CNP) transactions, where an authentication request is raised by an overseas merchant or overseas acquirer. Further, a risk-based mechanism for handling all cross-border CNP transactions shall also be put in place by card issuers by 1^st October 2026.

With rising cases of SIM-related fraud and phishing, the RBI is now pushing for alternatives for the digital safety of customers.

The post RBI mandates two-factor authentication for all digital payments from 1st April 2026 appeared first on The Tech Outlook.

Brave has released a new browser update that fixes two Chromium vulnerabilities that were reportedly being exploited in the wild. The company shared the announcement through its official social media account, urging users to install the update as soon as possible.

According to Brave, the update — version 1.88.130 — includes security fixes for two Chromium vulnerabilities identified as CVE-2026-3909 and CVE-2026-3910. These vulnerabilities were disclosed in the Chrome CNA database on March 12, 2026.

In its post, Brave said:

“⚠️ Today’s browser update (v1.88.130) contains fixes for Chromium vulnerabilities found to be exploited in the wild. You may have received the automatic Brave update already. If not, you can manually update by visiting ‘About Brave’ from the browser’s menu. The Android update is waiting on Google Play Store review and should be out shortly.”

The first flaw, CVE-2026-3909, is described as an out-of-bounds write issue in Skia, the graphics engine used by Chromium-based browsers. According to the description, the vulnerability affects versions of Chrome prior to 146.0.7680.75 and could allow a remote attacker to perform memory access out of bounds using a specially crafted HTML page. The issue is rated with high severity under Chromium’s security classification.

The second vulnerability, CVE-2026-3910, involves an inappropriate implementation in the V8 JavaScript engine. The flaw could allow a remote attacker to execute arbitrary code within the browser’s sandbox through a crafted HTML page. Like the first issue, it also carries a high severity rating.

Because Brave is built on the Chromium engine, the company pushed the patch through its latest browser update. Users who have automatic updates enabled may already have the fix installed, but those who have not yet received it can check manually by opening the Brave menu and selecting About Brave to trigger the update.

Brave also clarified that the issue does not affect the iOS version of the browser, since the iOS build does not rely on Chromium but rather the WebKit rendering engine as mandated by Apple’s App Store Policy.

The Android version of the update is currently awaiting review on the Google Play Store, but Brave says it should become available shortly.

Stay tuned for more updates!

The post Brave v1.88.130 Fixes Chromium Vulnerabilities on Desktop and Android; iOS Not Affected appeared first on The Tech Outlook.

Microsoft Authenticator is a mobile app that generates time-based one-time codes and handles sign-in links and QR-based logins for Microsoft and other accounts. It is widely used for multi-factor authentication on personal phones, including BYOD (Bring Your Own Device) devices.

Yesterday, it was revealed that a new vulnerability was found in the app for both iOS and Android (CVE-2026-26123) that could leak your one-time sign-in codes or authentication deep links (specifically constructed links used to open an app and complete actions like signing in) to a malicious app on the same device.

Android or iOS users who have installed this app on their device could be affected by this vulnerability.

How could the vulnerability be exploited?

For the vulnerability to be exploited, the user would first need to install a malicious app on their device and then accidentally choose that app to handle a sign-in deep link. If this happens, the malicious app receives the one-time code or sign-in information and can potentially use it to authenticate as the victim.

With this, the attacker could complete login flows to services that trust your Microsoft Authenticator codes, access the information and services available to the compromised account or potentially pivot to additional accounts if those are protected by codes delivered via Authenticator on the same device.

Solution for this vulnerability?

The fix for CVE-2026-26123 is already included in the current releases, so if you have the Microsoft Authenticator app, you are advised to update your app.

On iOS

• Open the App Store
• Tap the My Account button or your photo at the top of the screen
• Scroll down to see pending updates and release notes
• Tap Update next to an app to update only that app, or tap Update All

On Android

• Open the Google Play Store app
• At the top right, tap the profile icon
• Tap Manage apps & device
• Under “Updates available,” tap See details
• Next to the app you want to update, tap Update

If you are temporarily unable to update the app, avoid installing new apps that request to handle authentication links, QR-based sign-ins, or web-to-app sign-in flows. When scanning QR codes or tapping sign-in links, verify that the handler is Microsoft Authenticator or another trusted app. Also, where possible, use trusted alternative MFA options until you can apply the update.

The post New vulnerability has been found in Microsoft Authenticator for both iOS and Android; Could leak your sign-in codes or authentication deep links to a malicious app appeared first on The Tech Outlook.

Are you also someone who owns an Android device powered by a MediaTek chipset? If yes, then this article might be of help.

Yesterday, Charles Guillemet, CTO at Ledger, revealed that Donjon, the hardware security research team run by Ledger, discovered a MediaTek vulnerability that is potentially impacting millions of Android phones.

Vulnerability found in MediaTek powered Android phone

According to the X post, the Donjon team plugged the CMF Phone 1 by Nothing (powered by MediaTek Dimensity 7300 5G) into a laptop and breached the phone’s foundational security within 45 seconds. Without ever even booting into Android, the exploit automatically recovered the phone’s PIN, decrypted its storage, and extracted seed phrases from popular software cryptocurrency wallets.

It is said that the vulnerability could affect millions of Android devices with MediaTek processors that use Trustonic’s Trusted Execution Environment (TEE). Many MediaTek devices rely on TEE, a secure area inside the main processor to protect sensitive data.

As per Charles, this research highlights a fundamental architectural difference- general-purpose chips are built for convenience, while secure elements are built for key protection.

The vulnerability found in the MediaTek chipset is now public (CVE-2025-20435). It is revealed that the research team has followed a strict responsible disclosure process and has informed MediaTek about this vulnerability before making it public.

MediaTek has confirmed providing a fix for this issue to OEMs on 5^th January, 2026, which means the vulnerability should be patched in software updates. It is not known whether this vulnerability has been exploited by the attacker or its potential impact on existing devices.

The processors that are revealed to be affected are:

• MT2737
• MT6739
• MT6761
• MT6765
• MT6768
• MT6781
• MT6789
• MT6813
• MT6833
• MT6853
• MT6855
• MT6877
• MT6878
• MT6879
• MT6880
• MT6885
• MT6886
• MT6890
• MT6893
• MT6895
• MT6897
• MT6983
• MT6985
• MT6989
• MT6990
• MT6993
• MT8169
• MT8186
• MT8188
• MT8370
• MT8390
• MT8676
• MT8678
• MT8696
• MT8793

The affected processors include those that are equipped in entry-level to flagship phones from Oppo, Vivo, OnePlus and Samsung.

The post Security researchers discovered a vulnerability in MediaTek-powered Android phones; Researchers broke into the CMF Phone 1 by Nothing in just 45 seconds appeared first on The Tech Outlook.

The telecom company BSNL has been introducing new offers and features for its users to make them stick to its service and also increase its user base in India. Recently, on the occasion of Women’s Day, the company introduced a new “Kavach Number” feature, which is meant to ensure the safety of women.

Your phone number is personal.
Keep it that way.

Show your Kavach number at a BSNL store and recharge without revealing your real number.

BSNL Kavach – Recharge with Privacy.#BSNLKavach #RechargeSecurely #WomenSafetyMatters @CMDBSNL @robertravi21 pic.twitter.com/U2ZJskiGcW

— BSNL India (@BSNLCorporate) March 10, 2026

Before coming to this new feature, let’s talk about the concern addressed with this feature. Many of us have switched to recharging our devices online, but there have still been instances where we need to go to the recharge stores to get the recharge done (especially in rural areas). But lately, there have been ongoing concerns of leakage of customer contact numbers, resulting in harassment over calls or messages.

To reduce the chances of such misuse, BSNL has come up with the “Kavach Number” feature that allows women subscribers to recharge their mobile numbers at physical stores without revealing their numbers to the retailer. This feature aims to help women keep their numbers private and reduce the risk of unwanted contact.

What is the BSNL Kavach Number?

This is a 10-digit alternate number linked to the user’s actual mobile number. Once activated, the Kavach number will be received by the user via SMS. This number can be shared at the recharge stores instead of the real phone number, and the recharge can be done for the main account.

It works like a shield for women’s phone numbers, reducing the risk of their personal details being exposed.

How does it work?

• You can activate the Kavach feature by calling customer service at 1800 180 1503 or 1500 from your BSNL number
• After connecting with a customer care executive, you can request activation of the Kavach number
• Once activated, you will receive the Kavach number via SMS
• You can now share this number at recharge outlets to recharge your mobile

Do note that the Kavach number expires after some time, which means you will have to generate it every time you want to recharge your SIM.

The post BSNL introduces new Kavach number feature to recharge offline without sharing your phone number; Available for women subscribers appeared first on The Tech Outlook.

Signal, which is a free messaging app focused on maximum user privacy, has confirmed that several users, including some government officials and jurnalists have been targeted in a phishing attack, which has resulted in account takeovers of some users.

Here is more to it.

Signal Confirms Phishing Attacks

In a statement published via its official X handle, Signal clarified that its encryption and infrastructure have not been compromised. The attacks were carried out through sophisticated phishing campaigns, in which users were tricked into sharing account information such as SMS codes and/or Signal PINs, allowing attackers to gain access to their accounts.

Signal explained that attackers may impersonate a Signal support bot—which does not exist—and request users to share their SMS verification code or PIN. Sharing such information gives attackers access to your account. For those unfamiliar, Signal only requires an SMS verification code during the initial account setup. Therefore, if you receive a message asking for your SMS verification code at any other time, it is likely a scam/phishing attack.

We are aware of recent reports regarding targeted phishing attacks that have resulted in account takeovers of some Signal users, including government officials and journalists. We take this very seriously.

To be clear: Signal’s encryption and infrastructure have not been…

— Signal (@signalapp) March 9, 2026

The company emphasises never sharing your SMS code or PIN with anyone. Signal will never request these details except during account sign-up. In short, if you receive a message requesting your PIN, password, or SMS code, ignore it.

Signal also mentioned that it is actively working on adding clear visual and text-based warning signs within the app to alert users to potential risks, especially phishing. This feature aims to help users identify suspicious messages and avoid sharing sensitive information.

Stay tuned for more updates!

The post Signal Confirms Phishing Attacks Targeting Accounts of Government Officials and Journalists appeared first on The Tech Outlook.

At Samsung’s Galaxy Unpacked event, Google announced that its on-device Scam Detection feature for phone calls is expanding beyond Pixel devices. The feature, which was previously limited to the Google Phone app on Pixel smartphones, is now available in the Samsung Phone app on the Galaxy S26 series in the United States.

Scam Detection is designed to notify users in real time if a call appears suspicious. It analyses conversation patterns commonly associated with fraud and provides audio and haptic alerts, along with an on-screen warning, if a potential scam is detected.

On-device processing with Gemini

On the Galaxy S26 series, Scam Detection uses Google’s Gemini Nano on-device AI model to monitor calls for speech patterns linked to scams. Google says call audio is processed ephemerally, meaning no conversation audio or transcription is recorded, stored on the device, or sent to Google or third parties. The feature is automatically turned off for numbers saved in your contacts.

For example, if a caller asks for payment via gift cards to complete a delivery, users will receive an alert during the call warning that it may be a scam. However, Google notes that Scam Detection is not 100% accurate and scammers frequently change tactics. Users are advised to remain cautious when answering calls from unknown numbers.

The company also clarified that Scam Detection on the Galaxy S26 series currently supports English in the US only. There is no confirmation yet on whether the feature will expand to other regions, languages, or older Samsung devices. Technically, recent high-end Galaxy smartphones already support the AI model required for the feature, but Google has not announced wider availability.

Previously, Scam Detection was available only on Pixel devices. On Pixel 6 and later models in the US, and on Pixel 9 and later devices (excluding Pixel 9a) in Australia, Canada, India, Ireland, and the UK, the feature works within the Google Phone app.

Expanded protection in Google Messages

Google also announced improvements to Scam Detection in Google Messages. On the latest Android flagship devices, such as Pixel 10 and the Galaxy S26 series, in the US, Canada, and the UK, the on-device Gemini model is now used for more advanced analysis of complex conversational threats.

According to Google, this enables better detection of subtle patterns used in job offer scams and sophisticated romance baiting scams, sometimes referred to as “pig butchering”. In these schemes, scammers build long-term relationships with victims to gain trust before promoting fraudulent investments. The updated protection in Google Messages is rolling out now in the supported regions.

Google says it plans to bring call-based Scam Detection to more Android OEM’s in the future, but no timeline has been provided.

Below are the steps on how to use this feature on your Pixel Smartphones

Turn on Scam Detection

1. Open the Phone app.

2. Tap More (three dots).

3. Tap Settings.

4. Select Scam Detection.

5. Turn on Scam Detection.

Use Scam Detection during calls

Scam Detection runs automatically in the background for calls that may be suspected scams. If a call is identified as high risk, you will receive a notification, sound alert, and vibration.

To inform all participants that the feature is active, an audible beep will play at the start of the call and repeat every few minutes.

If you receive a Scam Detection alert:

• Tap Not a scam to dismiss the alert.

• Tap End call in the notification or at the bottom of the call screen to end the call.

Turn off Scam Detection

Turn off for a single call:

1. During the call, tap More (bottom right of the screen).

2. Tap Scam Detection to disable it for that call only.

Turn off for all calls:

1. Open the Phone app.

2. Tap More, then Settings.

3. Select Scam Detection.

4. Turn off Scam Detection.

The post Google brings Scam Detection feature to Samsung Galaxy S26 series appeared first on The Tech Outlook.

Yesterday, Anthropic officially announced that it has identified industrial-scale distillation attacks on its models by three AI laboratories- DeepSeek, Moonshot and MiniMax. The accused labs are said to have created over 24,000 fraudulent accounts and to have generated over 16 million exchanges with Claude, leveraging its capabilities to train and improve their own models.

These attacks are growing in intensity and sophistication. Addressing them will require rapid, coordinated action among industry players, policymakers, and the broader AI community.

Read more: https://t.co/4SVm8K3qou

— Anthropic (@AnthropicAI) February 23, 2026

Wondering what distillation is? Distillation involves training a less capable model on the outputs of a stronger one. It is a widely used and legitimate training method. But this method could also be used for illicit purposes; competitors can use it to acquire powerful capabilities from other labs. Though those illicitly distilled models lack necessary safeguards, they create significant national security risks.

What was found in the distillation campaigns?

The three distillation campaigns used fraudulent accounts and proxy services to access Claude at scale while evading detection.

DeepSeek

Scale: Over 150,000 exchanges

Operation targeted:

• Reasoning capabilities across diverse tasks
• Rubric-based grading tasks that made Claude function as a reward model for reinforcement learning
• Creating censorship-safe alternatives to policy-sensitive queries

Moonshot AI

Scale: Over 3.4 million exchanges

Operation targeted:

• Agentic reasoning and tool use
• Coding and data analysis
• Computer-use agent development
• Computer vision

MinMax

Scale: Over 13 million exchanges

Operation targeted:

• Agentic coding
• Tool use and orchestration

It is revealed that for national security reasons, Anthropic does not currently offer commercial access to Claude in China, or to subsidiaries of their companies located outside of the country. According to Anthropic, these labs used commercial proxy services that resell access to Claude and other frontier AI models at scale.

And when one account is banned, a new one takes its place. In one case, a single proxy network managed more than 20,000 fraudulent accounts simultaneously, mixing distillation traffic with unrelated customer requests to make detection harder. Once access is secured, the labs generate large volumes of carefully crafted prompts designed to extract specific capabilities from the model.

But when variations of that prompt arrive tens of thousands of times across hundreds of coordinated accounts, all targeting the same narrow capability, the pattern becomes clear.

How is Anthropic working to stop such distillation attacks?

• Detections: Several classifiers and behavioural fingerprinting systems are designed to identify distillation attack patterns in API traffic. Detection tools are also built for identifying coordinated activity across large numbers of accounts.
• Intelligence sharing: Anthropic is sharing technical indicators with other AI labs, cloud providers, and relevant authorities.
• Access controls: The company has strengthened verification for educational accounts, security research programs and startup organisations- most commonly exploited pathways for setting up fraudulent accounts.
• Counter measures: The company is developing Product, API and model-level safeguards designed to reduce the efficacy of model outputs for illicit distillation, without degrading the experience for legitimate customers.

These distillation campaigns are growing in intensity and sophistication, and apart from the above measures, the company has mentioned that distillation attacks at this scale require a coordinated response across the AI industry, cloud providers, and policymakers.

The post DeepSeek, Moonshot and MiniMax accused of extracting Claude’s capabilities to improve their own models appeared first on The Tech Outlook.