If you can’t beat them, copy them. That seems to be the thinking behind an unusual campaign by the Dutch police, who set up a fake ticket website selling tickets that don’t exist.

The website, TicketBewust.nl, invites people to order tickets for events like football matches and concerns. But the offers were never real. The entire site was a deliberate sting, designed to show people how easily ticket fraud works.

The Netherlands’ National Police created the site to warn people about ticket fraud. They worked with the Fraud Helpdesk and online marketplace Marktplaats to run ads promoting “exclusive tickets” for sold-out concerts. If anyone got far enough to try and buy a ticket, the fake site took them to a police webpage explaining that they’d just interacted with a fake online shop.

People fell for these too-good-to-be-true deals—and that’s the most interesting part of this story. Many of us assume we’re far too savvy to fall prey to such online shenanigans, but a surprisingly large number of people do.

More than 300,000 people saw the police ads on Marktplaats between October 30, 2025, and January 11, 2026. Over 30,000 people opened opened it to take a look. 7,402 of them clicked the link to the fake site that was in the ad, and 3,432 people tried to order tickets.

That’s a reminder that online crime works a lot like regular ecommerce. Whether you’re selling real tickets or fake ones, it’s just a numbers game. Only a small percentage of people who see an ad will ever convert—but even a tiny fraction can be lucrative.

In this case, around 1% of people that saw the ad took the bait, but that represents a big profit for scammers. Fake ticket sellers raked in an average of $672 per victim in the US between 2020 and 2024, according to data from the Better Business Bureau (BBB).

Why ticket fraud is so common

Dutch police get around 50,000 online fraud complaints annually, with 10% involving fake tickets. It’s a problem in other countries too, with UK losses to gig ticket scams doubling in 2024 to £1.6 million (around $2.1 million).

Part of the reason fake ticket scams are so effective is that many cases never get reported. Some victims don’t think the loss is significant enough, while others simply don’t want to admit they were tricked. But there’s another, more fundamental reason these scams work so well: the audience is already primed to buy.

People searching for tickets are usually doing so because they don’t want to miss out. Scammers lean hard into that fear of missing out (FOMO), pairing it with scarcity cues like “sold out,” “limited availability,” or time-limited offers. People under emotional pressure from urgency and scarcity tend to do irrational things and take risks they shouldn’t. It’s why people invest erratically or take gambles on dodgy online sales.

How to protect yourself from fake ticket sites

The advice for avoiding shady ticket sellers looks a lot like advice for avoiding scams in general:

• Watch what you click on social media. Social media accounts for 52% of concert ticket fraud cases, according to the BBB data. Stick to official channels like Ticketmaster, AXS, or the venue’s box office—and double check the URL you’re accessing.
• Don’t let emotions get the better of you. Ticket sellers target high-demand events because they know people are desperate to attend and might let their guard down. That’s why fake ticket scams spiked after Oasis announced their reunion tour.
• Don’t be fooled by support lines. Just because they’re on the phone doesn’t mean they’re legit.
• Never pay via Zelle, Venmo, Cash App, gift cards or crypto. Use credit cards or other payment methods that offer purchase protection.

A little skepticism can go a long way when looking for sought-after tickets. So if you see an online ad offering you the seats of a lifetime, take a minute to research the seller. It could save you hundreds of dollars and a heap of disappointment.

We don’t just report on scams—we help detect them

Cybersecurity risks should never spread beyond a headline. If something looks dodgy to you, check if it’s a scam using Malwarebytes Scam Guard, a feature of our mobile protection products. Submit a screenshot, paste suspicious content, or share a text or phone number, and we’ll tell you if it’s a scam or legit. Download Malwarebytes Mobile Security for iOS or Android and try it today!

If you can’t beat them, copy them. That seems to be the thinking behind an unusual campaign by the Dutch police, who set up a fake ticket website selling tickets that don’t exist.

The website, TicketBewust.nl, invites people to order tickets for events like football matches and concerns. But the offers were never real. The entire site was a deliberate sting, designed to show people how easily ticket fraud works.

The Netherlands’ National Police created the site to warn people about ticket fraud. They worked with the Fraud Helpdesk and online marketplace Marktplaats to run ads promoting “exclusive tickets” for sold-out concerts. If anyone got far enough to try and buy a ticket, the fake site took them to a police webpage explaining that they’d just interacted with a fake online shop.

People fell for these too-good-to-be-true deals—and that’s the most interesting part of this story. Many of us assume we’re far too savvy to fall prey to such online shenanigans, but a surprisingly large number of people do.

More than 300,000 people saw the police ads on Marktplaats between October 30, 2025, and January 11, 2026. Over 30,000 people opened opened it to take a look. 7,402 of them clicked the link to the fake site that was in the ad, and 3,432 people tried to order tickets.

That’s a reminder that online crime works a lot like regular ecommerce. Whether you’re selling real tickets or fake ones, it’s just a numbers game. Only a small percentage of people who see an ad will ever convert—but even a tiny fraction can be lucrative.

In this case, around 1% of people that saw the ad took the bait, but that represents a big profit for scammers. Fake ticket sellers raked in an average of $672 per victim in the US between 2020 and 2024, according to data from the Better Business Bureau (BBB).

Why ticket fraud is so common

Dutch police get around 50,000 online fraud complaints annually, with 10% involving fake tickets. It’s a problem in other countries too, with UK losses to gig ticket scams doubling in 2024 to £1.6 million (around $2.1 million).

Part of the reason fake ticket scams are so effective is that many cases never get reported. Some victims don’t think the loss is significant enough, while others simply don’t want to admit they were tricked. But there’s another, more fundamental reason these scams work so well: the audience is already primed to buy.

People searching for tickets are usually doing so because they don’t want to miss out. Scammers lean hard into that fear of missing out (FOMO), pairing it with scarcity cues like “sold out,” “limited availability,” or time-limited offers. People under emotional pressure from urgency and scarcity tend to do irrational things and take risks they shouldn’t. It’s why people invest erratically or take gambles on dodgy online sales.

How to protect yourself from fake ticket sites

The advice for avoiding shady ticket sellers looks a lot like advice for avoiding scams in general:

• Watch what you click on social media. Social media accounts for 52% of concert ticket fraud cases, according to the BBB data. Stick to official channels like Ticketmaster, AXS, or the venue’s box office—and double check the URL you’re accessing.
• Don’t let emotions get the better of you. Ticket sellers target high-demand events because they know people are desperate to attend and might let their guard down. That’s why fake ticket scams spiked after Oasis announced their reunion tour.
• Don’t be fooled by support lines. Just because they’re on the phone doesn’t mean they’re legit.
• Never pay via Zelle, Venmo, Cash App, gift cards or crypto. Use credit cards or other payment methods that offer purchase protection.

A little skepticism can go a long way when looking for sought-after tickets. So if you see an online ad offering you the seats of a lifetime, take a minute to research the seller. It could save you hundreds of dollars and a heap of disappointment.

We don’t just report on scams—we help detect them

Cybersecurity risks should never spread beyond a headline. If something looks dodgy to you, check if it’s a scam using Malwarebytes Scam Guard, a feature of our mobile protection products. Submit a screenshot, paste suspicious content, or share a text or phone number, and we’ll tell you if it’s a scam or legit. Download Malwarebytes Mobile Security for iOS or Android and try it today!

Attackers are sending very convincing fake “Google” emails that slip past spam filters, route victims through several trusted Google-owned services, and ultimately lead to a look-alike Microsoft 365 sign-in page designed to harvest usernames and passwords.

Researchers found that cybercriminals used Google Cloud Application Integration’s Send Email feature to send phishing emails from a legitimate Google address: noreply-application-integration@google[.]com.

Google Cloud Application Integration allows users to automate business processes by connecting any application with point-and-click configurations. New customers currently receive free credits, which lowers the barrier to entry and may attract some cybercriminals.

The initial email arrives from what looks like a real Google address and references something routine and familiar, such as a voicemail notification, a task to complete, or permissions to access a document. The email includes a link that points to a genuine Google Cloud Storage URL, so the web address appears to belong to Google and doesn’t look like an obvious fake.

After the first click, you are redirected to another Google‑related domain (googleusercontent[.]com) showing a CAPTCHA or image check. Once you pass the “I’m not a robot check,” you land on what looks like a normal Microsoft 365 sign‑in page, but on close inspection, the web address is not an official Microsoft domain.

Any credentials provided on this site will be captured by the attackers.

The use of Google infrastructure provides the phishers with a higher level of trust from both email filters and the receiving users. This is not a vulnerability, just an abuse of cloud-based services that Google provides.

Google’s response

Google said it has taken action against the activity:

“We have blocked several phishing campaigns involving the misuse of an email notification feature within Google Cloud Application Integration. Importantly, this activity stemmed from the abuse of a workflow automation tool, not a compromise of Google’s infrastructure. While we have implemented protections to defend users against this specific attack, we encourage continued caution as malicious actors frequently attempt to spoof trusted brands. We are taking additional steps to prevent further misuse.”

We’ve seen several phishing campaigns that abuse trusted workflows from companies like Google, PayPal, DocuSign, and other cloud-based service providers to lend credibility to phishing emails and redirect targets to their credential-harvesting websites.

How to stay safe

Campaigns like these show that some responsibility for spotting phishing emails still rests with the recipient. Besides staying informed, here are some other tips you can follow to stay safe.

• Always check the actual web address of any login page; if it’s not a genuine Microsoft domain, do not enter credentials.​ Using a password manager will help because they will not auto-fill your details on fake websites.
• Be cautious of “urgent” emails about voicemails, document shares, or permissions, even if they appear to come from Google or Microsoft.​ Creating urgency is a common tactic by scammers and phishers.
• Go directly to the service whenever possible. Instead of clicking links in emails, open OneDrive, Teams, or Outlook using your normal bookmark or app.
• Use multi‑factor authentication (MFA) so that stolen passwords alone are not enough, and regularly review which apps have access to your account and remove anything you don’t recognize.

Pro tip: Malwarebytes Scam Guard can recognize emails like this as scams. You can upload suspicious text, emails, attachments and other files and ask for its opinion. It’s really very good at recognizing scams.

We don’t just report on scams—we help detect them

Cybersecurity risks should never spread beyond a headline. If something looks dodgy to you, check if it’s a scam using Malwarebytes Scam Guard, a feature of our mobile protection products. Submit a screenshot, paste suspicious content, or share a text or phone number, and we’ll tell you if it’s a scam or legit. Download Malwarebytes Mobile Security for iOS or Android and try it today!

Attackers are sending very convincing fake “Google” emails that slip past spam filters, route victims through several trusted Google-owned services, and ultimately lead to a look-alike Microsoft 365 sign-in page designed to harvest usernames and passwords.

Researchers found that cybercriminals used Google Cloud Application Integration’s Send Email feature to send phishing emails from a legitimate Google address: noreply-application-integration@google[.]com.

Google Cloud Application Integration allows users to automate business processes by connecting any application with point-and-click configurations. New customers currently receive free credits, which lowers the barrier to entry and may attract some cybercriminals.

The initial email arrives from what looks like a real Google address and references something routine and familiar, such as a voicemail notification, a task to complete, or permissions to access a document. The email includes a link that points to a genuine Google Cloud Storage URL, so the web address appears to belong to Google and doesn’t look like an obvious fake.

After the first click, you are redirected to another Google‑related domain (googleusercontent[.]com) showing a CAPTCHA or image check. Once you pass the “I’m not a robot check,” you land on what looks like a normal Microsoft 365 sign‑in page, but on close inspection, the web address is not an official Microsoft domain.

Any credentials provided on this site will be captured by the attackers.

The use of Google infrastructure provides the phishers with a higher level of trust from both email filters and the receiving users. This is not a vulnerability, just an abuse of cloud-based services that Google provides.

Google’s response

Google said it has taken action against the activity:

“We have blocked several phishing campaigns involving the misuse of an email notification feature within Google Cloud Application Integration. Importantly, this activity stemmed from the abuse of a workflow automation tool, not a compromise of Google’s infrastructure. While we have implemented protections to defend users against this specific attack, we encourage continued caution as malicious actors frequently attempt to spoof trusted brands. We are taking additional steps to prevent further misuse.”

We’ve seen several phishing campaigns that abuse trusted workflows from companies like Google, PayPal, DocuSign, and other cloud-based service providers to lend credibility to phishing emails and redirect targets to their credential-harvesting websites.

How to stay safe

Campaigns like these show that some responsibility for spotting phishing emails still rests with the recipient. Besides staying informed, here are some other tips you can follow to stay safe.

• Always check the actual web address of any login page; if it’s not a genuine Microsoft domain, do not enter credentials.​ Using a password manager will help because they will not auto-fill your details on fake websites.
• Be cautious of “urgent” emails about voicemails, document shares, or permissions, even if they appear to come from Google or Microsoft.​ Creating urgency is a common tactic by scammers and phishers.
• Go directly to the service whenever possible. Instead of clicking links in emails, open OneDrive, Teams, or Outlook using your normal bookmark or app.
• Use multi‑factor authentication (MFA) so that stolen passwords alone are not enough, and regularly review which apps have access to your account and remove anything you don’t recognize.

Pro tip: Malwarebytes Scam Guard can recognize emails like this as scams. You can upload suspicious text, emails, attachments and other files and ask for its opinion. It’s really very good at recognizing scams.

We don’t just report on scams—we help detect them

Cybersecurity risks should never spread beyond a headline. If something looks dodgy to you, check if it’s a scam using Malwarebytes Scam Guard, a feature of our mobile protection products. Submit a screenshot, paste suspicious content, or share a text or phone number, and we’ll tell you if it’s a scam or legit. Download Malwarebytes Mobile Security for iOS or Android and try it today!

Wired is reporting on Chinese darknet markets on Telegram.

The ecosystem of marketplaces for Chinese-speaking crypto scammers hosted on the messaging service Telegram have now grown to be bigger than ever before, according to a new analysis from the crypto tracing firm Elliptic. Despite a brief drop after Telegram banned two of the biggest such markets in early 2025, the two current top markets, known as Tudou Guarantee and Xinbi Guarantee, are together enabling close to $2 billion a month in money-laundering transactions, sales of scam tools like stolen data, fake investment websites, and AI deepfake tools, as well as other black market services as varied as pregnancy surrogacy and teen prostitution.

The crypto romance and investment scams regrettably known as “pig butchering”—carried out largely from compounds in Southeast Asia staffed with thousands of human trafficking victims—have grown to become the world’s most lucrative form of cybercrime. They pull in around $10 billion annually from US victims alone, according to the FBI. By selling money-laundering services and other scam-related offerings to those operations, markets like Tudou Guarantee and Xinbi Guarantee have grown in parallel to an immense scale.

Interesting article on the variety of LinkedIn job scams around the world:

In India, tech jobs are used as bait because the industry employs millions of people and offers high-paying roles. In Kenya, the recruitment industry is largely unorganized, so scamsters leverage fake personal referrals. In Mexico, bad actors capitalize on the informal nature of the job economy by advertising fake formal roles that carry a promise of security. In Nigeria, scamsters often manage to get LinkedIn users to share their login credentials with the lure of paid work, preying on their desperation amid an especially acute unemployment crisis.

These are scams involving fraudulent employers convincing prospective employees to send them money for various fees. There is an entirely different set of scams involving fraudulent employees getting hired for remote jobs.

Scammers are generating images of broken merchandise in order to apply for refunds.

Americans aged 60 and older lost $4.8 billion in 2024 to scammers, according to a report released by the FBI. These figures represent real people, real families, and life-changing financial devastation.

The impact extends beyond just the numbers. The average loss among people over the age of 60 was $83,000, more than four times the average overall loss in 2024. This disparity highlights why seniors have become prime targets for sophisticated scam operations.

Why seniors are targeted

Cybercriminals specifically target older adults for several reasons. Many seniors have accumulated substantial savings over their lifetimes, own their homes outright, and maintain good credit scores. Additionally, some may be less familiar with modern technology and digital security practices, making them more vulnerable to online deception.

The 5 scams draining senior bank accounts

1. Tech support fraud

Tech support scams happen when scammers pose as representatives of legitimate businesses like banks and utility companies. They reach out in various ways, including phone calls, texts and pop-up windows. They claim there’s an issue with a device or account and ask to send a fee to fix it. These fake alerts provide phone numbers that connect victims to scammers who then request remote access to computers and payment for unnecessary “repairs.”

2. Romance scams

Lonely seniors looking for love and companionship can easily fall victim to romance fraud. Criminals create fake profiles on dating sites and social media. These scammers build emotional relationships over weeks or months before requesting money to be wired or transferred to them for emergencies or travel expenses. Romance scams cost seniors $277 million (up 16% from 2022) according to the FTC’s latest report.

3. Grandparent scams

One of the most disturbing trends is the grandparent emergency scam. Fraudsters use AI to clone the voice of a grandchild in distress. Grandma or Grandpa gets a fake call from someone who sounds just like their grandchild saying need of money for bail, medical emergencies, or another crisis. They often request that the victim keep the call secret and send money immediately through wire transfers or gift cards. These scams work because they create emotional urgency.

4. Investment fraud

Older adults report losing more money, $538 million—a 34% increase over 2022, to investment scams than any other type of fraud. These scams often originate from phone calls, emails, social media, or events where fraudsters promise “guaranteed” high returns with little to no risk. Many schemes use urgency (“act now before it’s too late”), pose as financial advisors, or an affinity group related to their community or church. Seniors may fall for them because they sound safe and tailored to their situation, making it difficult to distinguish between legitimate opportunities and fraudulent ones until it’s too late.

5. Government impersonation scams

Scammers pose as representatives from Medicare, Social Security, or the IRS, claiming there are problems with benefits or threatening legal action unless immediate payment is made. For example, a call, text or social media message from someone who says they work at the Social Security Administration. They threaten to suspend the senior’s Social Security number or stop their Social Security payments unless they send them money owed. This type of claim is a scheme to steal both identity and money.  Social Security numbers can’t be suspended, and government agencies will never ask to be paid via wire transfer, cryptocurrency or payment apps.

Signs that it might be a scam

• Unexpected phone calls or pop-ups claiming a computer is infected
• Requests for immediate payment via wire transfer, gift cards, or cryptocurrency
• High-pressure tactics demanding quick decisions
• Unsolicited romantic interest from strangers online
• Claims of emergency situations involving family members
• Promises of unrealistic investment returns

How Webroot can help protect seniors

Modern cybersecurity solutions are essential for protecting seniors online. Webroot’s Total Protection offers multiple layers of protection specifically designed to combat the threats seniors face most.

Antivirus protection: Webroot’s advanced threat detection identifies and blocks malicious websites, phishing attempts, and dangerous downloads before they can cause harm.

Identity protection: Identity, credit, and financial accounts monitoring for fraud, with up $1M in fraud expense and stolen funds reimbursement.

Dark Web monitoring: This feature monitors personal information and alerts users if their data appears on the dark web or in data breaches.

Secure browsing: Webroot automatically warns users about suspicious websites and blocks access to known scam sites.

Password management: Strong, unique passwords are crucial for online safety, and Webroot’s password manager makes it easy to maintain secure accounts across all devices.

The importance of community awareness

The epidemic of attacks on seniors requires community-wide awareness and action.

Family members should regularly discuss online safety with senior relatives, helping them understand current scam tactics without creating fear or limiting their digital independence. Community organizations, libraries, and senior centers host educational workshops about cybersecurity and scam prevention. Seniors should check local events to learn more.

Moving forward safely

The digital world offers tremendous benefits for seniors, from staying connected with family to accessing healthcare and financial services online. The goal The goal for seniors isn’t to avoid technology but to use it safely and confidently.

By combining awareness, education, and robust cybersecurity tools like Webroot, seniors can enjoy the advantages of modern technology while staying protected from those who would exploit their trust and generosity. When something seems too good to be true or creates a sense of urgency, seniors should take time to verify information and consult with trusted family members or friends.

The fight against elder fraud requires vigilance from entire communities, but with the right tools and knowledge, families and communities can help protect their most vulnerable members from these devastating crimes.

Additional resources:

The cost of romance fraud

Spotting grandparent scams

AARP 2025 fraud and scams survey

Webroot solutions

The post Senior scams topped $4.8 billion in 2024: What to watch out for appeared first on Webroot Blog.