Scammers adopting increasingly convincing tactics, report finds

AI-generated profiles, impersonation of banks, and fake recovery schemes among latest threats

The Isle of Man’s Cyber Security Centre has published its latest bimonthly threat report, warning of increasingly sophisticated cyber threats targeting both individuals and organisations across the Island.

Incidents reported between 1 May and 30 June 2025 are included in the update which outlines a wide range of concerns including phishing scams, fake investment schemes, and the use of artificial intelligence to impersonate individuals online.

A total of 787 suspicious emails were submitted to the government’s Suspicious Email Reporting Service (SERS) during the two-month period. Malicious links remained the most common threat, followed by a notable rise in advance-fee fraud. Scam messages frequently impersonated services such as Manx.net, cryptocurrency platforms, PayPal, and travel websites.

Sixty-nine separate cyber concerns were formally reported, with issues ranging from hijacked business email accounts and domain spoofing to sextortion, fraudulent websites, and stolen devices.

Among the cases highlighted was a sophisticated scam involving the impersonation of digital banking platform Revolut. The victim was tricked into sharing a one-time passcode and uploading identification documents, ultimately resulting in a loss of more than £3,000. Authorities described the incident as a classic example of social engineering, where legitimate security processes are manipulated for criminal gain.

Other incidents included an attempted spoofing of a local wholesaler to redirect payments, and a recovery scam targeting a victim who had already lost funds in a cryptocurrency fraud. The latter was asked to contribute further funds in exchange for a supposed compensation payout, only to be defrauded again.

One case involved a company that appeared to shift its online identity using a new domain name and an AI-generated image of a fictional CEO. The associated business address was later traced to a private residence whose owner had no current links to the firm, raising concerns about the abuse of publicly available data to create a false sense of legitimacy.

The report also referenced a legitimate communication from a local bank which was mistakenly flagged as a scam by a member of the public, highlighting how rising fraud levels are eroding digital trust – even for genuine messages.

The Cyber Security Centre, part of the Office of Cyber-Security and Information Assurance (OCSIA), reiterated the importance of clear communication and user awareness, particularly as fraudsters increasingly rely on urgency and fear to pressure victims.

Beyond the Isle of Man, the report highlighted major cyber incidents involving NHS provider Synnovis, Marks & Spencer, Coinbase, Coca-Cola, and several international airlines. Many of the attacks stemmed from vulnerabilities in third-party suppliers, with warnings that supply chain security is fast becoming one of the most critical areas of risk.

The CSC stresses that cyber resilience is not limited to IT departments, and must involve business continuity planning, regular staff training, and a culture of vigilance across all departments. It also urges organisations to adopt standard email authentication protocols, such as SPF, DKIM and DMARC, to prevent spoofing attempts.

The CSC is set to host CyberIsle 2025 at the Comis Hotel – this year’s conference theme is ‘Building a Resilient Island’, exploring strategies for incident response, infrastructure protection and regulatory preparedness.

Residents are encouraged to report suspicious emails to SERS@ocsia.im and raise any concerns via the Cyber Security Centre’s website.