Digital Defense Daily by GP

30/03/2026

New SPID Phishing Alert!
�Cybercriminals are sending fake emails posing as Poste Italiane, claiming your SPID has been suspended.
�Remember: never click suspicious links and always verify directly through official channels.
�Stay alert and protect your digital identity!

29/01/2026

**TRUE STORY. REAL WARNING.**

A guy bought a ticket for the Milano–Cortina 2026 Olympics using his UniCredit credit card.

The ticket arrived in his email within minutes. ✅

A few minutes after that, his bank called him.
They told him: "We blocked your card due to a impossible payment. Tha card was just used to pay at a restaurant in USA".

He verified with Unicredit app, and yes Fortunately his credit card was blocked by unicredit.

So… what does this mean?
Was the card cloned somewhere?
Was it just bad timing?
Is there a vulnerability somewhere with the cortine website?
Who knows… 🤷‍♂️

What is certain is this 👇
When you buy anything online — tickets, subscriptions, shopping — always use a virtual card.
✅ Real card stays safe
✅ Virtual card can be blocked instantly
✅ Much lower risk if something goes wrong

Virtual are not paranoia — they’re protection.
Stay safe online. 🔐💳

16/01/2026

🚨 OneCoin: one of the biggest crypto scams ever
In 2014, Ruja Ignatova launched OneCoin, promoting it as the next big thing in crypto.

The hype spread fast:
🌍 170+ countries
👥 millions of members
💸 billions invested

But the truth?
There was no real cryptocurrency.
❌ no blockchain
❌ no real coins — just numbers inside a closed system

People bought “education packages” and got tokens with zero real-world value.
The scheme relied on a constant flow of new investors.

In 2017, Ruja was supposed to speak at a Lisbon event… but vanished instead ✈️💨
She’s been wanted globally ever since.
🔍 OneCoin is now recognized as one of the largest frauds in crypto history.

15/01/2026

05/01/2026

Fake PagoPA payment requests are spreading.

Don’t click. Don’t scan. Don’t rush.
Verify before you pay.

This alert applies to Italy only.

31/12/2025

Security Starts With You: 5 Social Engineering Awareness Tips

26/12/2025

🚨 Beware of AI Voice Scams! 🚨

A friend of mine recently fell victim to a scam that looked so real it’s scary.

Here’s what happened:
He saw a giveaway post on Instagram from his wife’s cousin. To join, he just had to fill out a form. Easy, right?
The next day, he received an Instagram call from a different account but with wife's cousin voice, telling him to check his messages. There was a screenshot of Original post saying he had won the giveaway!

But here’s the catch: the message asked him to donate €5 to confirm participation. He entered his debit card details.
Two days later, €65 was gone from his account! When he called the cousin’s real phone number, he discovered the truth: the cousin never called and never sent any message. The scammer used AI voice cloning to sound like his cousin during the Instagram call. 🥲🥲

---

🔍 Red Flags in the Instagram Message

1. Suspicious username – “imghensen.team” doesn’t match the cousin’s real account.

2. External link – The link goes to a WordPress site, not an official brand or verified page.

3. Unusual request – Asking for money (€5) for a giveaway is a big warning sign.

4. Urgency & pressure – “Check your registration” and “send screenshot” are tactics to make you act fast.

5. Poor grammar – “Prova a fare uno screenshot” sounds informal and unprofessional for a real giveaway.

---

🛡 How to Spot & Avoid This Scam

• Check the link: Hover or tap and see if it’s a trusted domain. WordPress ≠ official giveaway.

• Verify the account: Look for the blue checkmark or confirm with the person via another channel.

• Never share card details for giveaways: Real giveaways NEVER ask for payment.

• Be cautious with calls: AI voice cloning can make scammers sound like someone you know. Always confirm through a separate call or message.

23/12/2025

23/12/2025

Scammers dont take vacations. Be Vigilant!

21/12/2025

Data breaches happen when hackers steal usernames, passwords, and other sensitive information from websites. If your email address was part of a breach, your accounts could be at risk.

How to check if your email was compromised:
1. Go to: www.haveibeenpwned.com
2. Enter your email address in the search box.
3. Click “pwned?”
4. The site will show if your email appeared in any known data breaches.
• If it says “Oh no — pwned!”, your email was exposed.
• If it says “Good news — no pwnage found!”, your email is safe (for now).

What to do if your email is compromised:
• Change your password immediately (use a strong, unique one).
• Enable Multi-Factor Authentication (MFA) on all accounts.
• Avoid reusing passwords across different sites.
• Consider using a password manager for better security.

Why this matters:
Cybercriminals often use stolen credentials for phishing, identity theft, and account takeovers. Awareness and proactive steps can protect you.