#NSBCS.101 - Click Carefully This Black Friday: $260M Lost to Scams in 2025

Australians reported nearly $260 million in scam losses in the first nine months of 2025, with online shopping scams on the rise.

Scamwatch received 159,319 scam reports over that period, and reported losses were up 16% on the same period last year.

Shopping scams led to $8.6 million in losses, often exploiting Black Friday deals.

Social media account takeovers are also a growing threat, used to target friends with fake sales, grants, and investment schemes.

Vulnerable communities, including people with disabilities, non-native English speakers, and First Nations Australians, are disproportionately affected.

Top tips to protect yourself:

  • STOP: Don’t rush or give out personal info.

  • CHECK: Verify who you’re dealing with.

  • PROTECT: Act quickly if something feels wrong: contact your bank, report to Scamwatch, report to police and change passwords.

For more support, visit Scamwatch.gov.au or contact IDCARE.

Resource: https://www.nasc.gov.au/news/australians-report-nearly-260m-in-losses-as-shopping-scams-surge


What we read this week

  • Fortinet FortiWeb Vulnerability Exploited to Create Admin Accounts - Threat actors are actively exploiting a now-patched critical path traversal vulnerability in Fortinet's FortiWeb web application firewall (CVE-2025-64446, CVSS score: 9.1) to gain unauthorised administrative access. The flaw, silently fixed in version 8.0.2 before any advisory was published, allows an unauthenticated remote attacker to execute administrative commands (including creating new admin accounts) via crafted HTTP or HTTPS requests to the management interface. Exploitation was observed shortly after a working exploit appeared on underground forums in early November 2025. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added it to its Known Exploited Vulnerabilities catalogue, requiring federal agencies to patch by late November. Organisations should upgrade to 8.0.2 or later immediately, keep the management interface off the internet, and audit for signs of compromise such as admin accounts nobody created and unexplained configuration changes.

  • Google Patches Actively Exploited Chrome Zero-Day in V8 Engine - Google has released an emergency update for Chrome to address a high-severity type confusion vulnerability in the V8 JavaScript engine (CVE-2025-13223, CVSS score: 8.8) that is being exploited in the wild. Reported by Google's Threat Analysis Group, the flaw can be triggered by malicious web content and may lead to arbitrary code execution or a browser crash. This is the seventh Chrome zero-day patched in 2025, and the third V8 type confusion issue among them. Users should update to version 142.0.7444.175/.176 for Windows/Mac or 142.0.7444.175 for Linux (the build numbers named in Google's advisory) and restart the browser so the update takes effect. Enterprises are advised to enforce automatic updates and deploy web filtering to block known exploit-delivery sites; Chromium-based browsers such as Edge, Brave, Opera and Vivaldi should also be updated once their vendors ship the fix.

  • RondoDox Botnet Targets Unpatched XWiki Servers for DDoS Attacks - The emerging RondoDox botnet is rapidly exploiting a critical remote code execution vulnerability in XWiki Platform (CVE-2025-24893), an eval injection reachable by unauthenticated guest users, to recruit vulnerable servers into a DDoS-for-hire network. Although patched in February 2025, the flaw was only recently added to CISA's KEV catalogue and has seen record exploitation surges since early November, with botnets, cryptominers and scanners piling on. XWiki fixed the issue in 15.10.11, 16.4.1 and 16.5.0RC1; all earlier releases are affected. Administrators must apply the patches urgently, avoid exposing XWiki directly to the internet where possible, and hunt for signs of compromise such as unexpected processes, cron entries and unusual outbound traffic.

  • Australian Defence Contractors Breached in Supply Chain Attacks - A series of cyberattacks on Australian defence industry suppliers has exposed sensitive information related to major weapons programmes, including the $7 billion Redback infantry fighting vehicles and submarine projects. Breaches at firms like IKAD Engineering and others involved data exfiltration of blueprints, security protocols, and personnel details, with some attributed to Iran-linked groups like Cyber Toufan. Analysts warn this highlights vulnerabilities in the defence supply chain's weakest links. Contractors are recommended to enhance third-party risk assessments, implement zero-trust architectures, and collaborate on threat intelligence sharing.

  • Cloudflare Outage Disrupts Major Platforms - Cloudflare suffered a significant outage on 18 November 2025 that took down services such as X (formerly Twitter) and ChatGPT along with thousands of websites. Cloudflare initially described unusual traffic on its network and confirmed there was no evidence of a cyberattack; its post-incident report attributed the failure to an internal configuration problem (a Bot Management feature file that grew past a size limit after a database permissions change, crashing the proxy software that loads it). Service was restored the same day, but the incident underscores how much of the web depends on a handful of centralised CDN providers. Businesses are advised to plan for CDN failure with failover DNS or a second provider, and to watch for opportunistic attacks and phishing that piggyback on such events.
