AI-Powered Data Breach Scams Exploit Public Fear, Experts Warn Scammers are increasingly leveraging artificial intelligence and real-world data breaches to launch sophisticated phishing attacks, targeting victims with fake security alerts. These scams delivered via email, text, or phone impersonate trusted entities like banks, government agencies, or credit-monitoring services, often claiming a victim’s data has been exposed or unauthorized charges have occurred. According to Michael Bruemmer of Experian, criminals capitalize on high-profile breaches, using public concern to pressure victims into clicking malicious links, divulging login credentials, or paying for fraudulent services. AI tools enable scammers to craft highly convincing emails, replicate official logos, and even simulate human voices, making detection harder. Deep Strike estimates that up to 80% of phishing attempts now involve AI-generated content. Attackers also exploit leaked credentials from past breaches, using them to hijack accounts through credential stuffing. Meanwhile, legitimate breach notifications often laden with technical jargon can confuse victims, blurring the line between real alerts and scams. Cybersecurity experts, including Robert Duncan of Netcraft, highlight urgency as a red flag, noting that fake alerts frequently demand immediate action. The rise of AI-driven phishing underscores the growing challenge of distinguishing genuine threats from fraudulent ones.

The UK's National Cyber Security Center (NCSC) announced the testing phase of a new service called Proactive Notifications, designed to inform organizations in the country of vulnerabilities present in their environment. The service is delivered through cybersecurity firm Netcraft and is based on publicly available information and internet scanning. The NSCS will identify organizations that lack essential security services and will contact them with specific software update recommendations that address unpatched vulnerabilities. This may include recommendations on specific CVEs or general security issues, such as the use of weak encryption. “Scanning and notifications will be based on external observations such as the version number publicly advertised by the software,” NCSC explains, adding that this activity is “in compliance with the Computer Misuse Act.” The agency highlights that the emails sent through this service originate from netcraft.com addresses, do not include attachments, and do not request payments, personal, or other type of information. BleepingComputer learned that the pilot program will cover UK domains and IP addresses from Autonomous System Numbers (ASNs) in the country. The service will not cover all systems or vulnerabilities, though, and the recommendation is that entities do not rely on it alone for security alerts. Organizations are strongly encouraged to sign up for the more mature ‘Early Warning’ service to receive timely notifications for