The UK, France, Sweden, and EU have made fresh attacks on end-to-end encryption. Some of the attacks are more “crude” than those in recent years, experts say.

Over the past decade, encrypted communication has become the norm for billions of people. Every day, Signal, iMessage, and WhatsApp keep billions of messages, photos, videos, and calls private by using end-to-end encryption by default—while Zoom, Discord, and various other services all have options to enable the protection. But despite the technology’s mainstream rise, long-standing threats to weaken encryption keep piling up.

Over the past few months, there has been a surge in government and law enforcement efforts that would effectively undermine encryption, privacy advocates and experts say, with some of the emerging threats being the most “blunt” and aggressive of those in recent memory. Officials in the UK, France, and Sweden have all made moves since the start of 2025 that could undermine or eliminate the protections of end-to-end encryption, adding to a multiyear European Union plan to scan private chats and Indian efforts that could damage encryption.

These latest assaults on encryption come as intelligence agencies and law enforcement officials in the United States have recently backtracked on years of anti-encryption attitudes and now recommend that people use encrypted communication platforms whenever they can. The drastic shift in attitude followed the China-backed Salt Typhoon hacker group’s widespread breach of major US telecoms, and it comes as the second Trump administration ramps up potential surveillance of millions of undocumented migrants living in the US. Simultaneously, the administration has been straining longtime, crucial international intelligence-sharing agreements and partnerships.

“The trend is bleak,” says Carmela Troncoso, a longtime privacy and cryptography researcher and the scientific director at the Max-Planck Institute for Security and Privacy in Germany. “We see these new policies coming up as mushrooms trying to undermine encryption.”

End-to-end encryption is designed so only the sender and receiver of messages have access to their contents—governments, tech companies, and telecom providers can’t snoop on what people are saying. Those privacy and security guarantees have made encryption a target for law enforcement and governments for decades, because officials claim that the protection makes it prohibitively difficult to investigate urgent threats such as child sexual abuse material and terrorism.

As a result, governments around the world have frequently proposed technical mechanisms to bypass encryption and allow access to messages for investigations. Cryptographers and technologists have repeatedly and definitively warned, though, that any backdoor created to access end-to-end encrypted communications could be exploited by hackers or authoritarian governments, compromising everyone’s safety. Additionally, it is likely that criminals would find ways to continue to use self-made encryption tools to conceal their messages, meaning that backdoors in mainstream products would succeed at undermining protections for the public without eliminating its use by bad actors.

Broadly, the recent threats to encryption have come in three forms, says Namrata Maheshwari, the encryption policy lead at international nonprofit Access Now. First, there are those where governments or law enforcement agencies are asking for backdoors to be built into encrypted platforms to gain “lawful access” to content. At the end of February, for example, Apple pulled its encrypted iCloud backup system, called Advanced Data Protection, from use in the UK after the country’s lawmakers reportedly hit the Cupertino company with a secret order demanding Apple provide access to encrypted files. To do so, Apple would have had to create a backdoor. The order, which has been criticized by the Trump administration, is set to be challenged in a secret court hearing on March 14.

Meanwhile, lawmakers in Sweden are also considering legislation that would require encrypted messaging companies, such as Signal and WhatsApp, to keep copies of messages that people send on their platforms so they could allow law enforcement to access suspects’ histories. Signal has said it would pull out of Sweden if the potential law goes ahead. While in France earlier this year, a proposed amendment to a drug trafficking law outlined plans to require encrypted messaging services to hand over decrypted chat messages within 72 hours of a request or face fines of up to 2 percent of annual global revenue. This week, the proposal was reportedly scrapped, while some politicians said they supported the idea.

“We’re seeing some democracies revert back to very crude approaches to circumventing encryption that we maybe thought were something of the past,” Callum Voge, the director of governmental affairs and advocacy at nonprofit Internet Society, says of efforts that could require a backdoor to be created.

In January, the head of EU law enforcement agency Europol told the Financial Times that tech companies have a “social responsibility” to provide access to encrypted messages. “Anonymity is not a fundamental right,” Catherine De Bolle told the publication. The comments expanded upon a previous statement from European police chiefs saying “we do not accept that there need be a binary choice between cybersecurity or privacy on the one hand and public safety on the other.”

The second threat, Maheshwari says, relates to an increase in proposals related to a technology known as “client-side scanning.” The process, which is sometimes called “on-device scanning,” involves scanning messages locally on a person’s device before they are encrypted, and comparing them against a database of prohibited content that is held elsewhere. Client-side scanning is an effort to contort encryption backdoors into something more palatable to privacy proponents by keeping people’s personal data on their own devices.

Ultimately, though, cryptographers and digital rights advocates have repeatedly warned that client-side scanning does not sidestep the fundamental dangers posed by creating a way for a third party to access encrypted data. The Internet Society’s Voge describes such efforts as a more “sophisticated” way that democracies have been trying to circumvent encryption in recent years.

For instance, politicians in the EU have been fiercely debating plans to scan billions of messages for potential child sexual abuse material using client-side scanning for more than three years. The unresolved debates have proved highly controversial, with multiple countries pushing to weaken encryption. “Scanning for one type of content, for instance, opens the door for bulk surveillance and could create a desire to search other encrypted messaging systems across content types,” Apple officials said in a letter first reported by WIRED in August 2023, after the company ditched its own, separate plans to introduce a form of client-side scanning on iPhones.

“It’s very divided in Europe, \[there are\] countries strongly in favor of scanning and countries strongly against it as well,” Voge says of the EU’s long-running chat monitoring plans. In May 2023, WIRED obtained leaked documents that stated many European countries’ positions on encryption. At the time, Spanish officials said they would like to prevent end-to-end encryption entirely in the EU, while many others were in favor of scanning people’s messages. Other countries, such as Germany, were against weakening encryption. Dutch political documentation says the country’s intelligence agency, AIVD, considers client-side scanning to be “too great a security risk for the digital resilience of the Netherlands.”

Finally, Maheshwari says, there is always the looming threat of potential bans or blocks for encrypted services. Toward the end of 2024, Russian officials blocked access to Signal amid the country’s ongoing full-scale war against Ukraine and widescale efforts to censor and control information environments. India has an ongoing lawsuit against WhatsApp, which could threaten its ability to operate in the country or necessitate that the platform retreat from end-to-end encryption in that market. Maheshwari also points out that while all virtual private networks do not specifically use end-to-end encryption, India has already banned multiple VPN services.

While each potential proposal that could undermine encryption is slightly different, the Internet Society’s Voge says that they’ve been met with some “stronger” pro-encryption voices coming from government or law enforcement services around the world, particularly when it comes to protecting national security.

In December, two officials from the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI, encouraged more people to use encrypted communications systems after China’s Salt Typhoon hackers gained deep access to US telecoms providers, exposing unencrypted calls and texts. “Encryption is your friend, whether it’s on text messaging or if you have the capacity to use encrypted voice communication,” one of the officials said.

Voge points out that as well as CISA and the FBI’s calls to use encrypted messaging, the Swedish armed forces has specifically cleared Signal for use with unclassified material, saying it can stop messages and calls from being intercepted by third parties.

Ahead of the UK’s March 14 legal hearing about the backdoor order reportedly made to Apple, US senators and privacy groups urged there to be more transparency about the demands and the risks to global encryption it presents. A bipartisan group of five members of Congress said the “cloak of secrecy” should be removed.

UK civil liberties groups Privacy International and Liberty also filed legal challenges over the secrecy of the proceedings. “While the UK Government seems to have come for Apple today, tomorrow it may be any other big tech companies, such as Google and Microsoft, and the day after it could be Signal, your VPN Provider, Proton and others,” Privacy International said in a statement.

Ultimately, Access Now’s Maheshwari says, efforts to defend encryption will almost certainly continue, as they have for decades, to protect people’s human rights.

“Encryption right now is exceptionally important because it's a crucial enabler of the full spectrum of human rights,” Maheshwari says. “It’s not just privacy. It is what enables you to speak freely, to exercise your freedom of expression, to organize, to assemble, to associate.”

A New Era of Attacks on Encryption Is Starting to Heat Up

Sports betting is a multi-billion-dollar industry, but behind the flashing lights and promises of easy money lies a hidden underworld of deception.

Sports betting is a multi-billion-dollar industry, but behind the flashing lights and promises of easy money lies a hidden underworld of deception.

In recent years, shady betting companies have found a clever way to bypass regulations and continue their operations through **mirror sites**—duplicate versions of their main website that allow them to evade bans, deceive users, and rake in massive profits. 

****How** **g****ambling** **c****ompanies** **e****xploit** **m****irror** **d****omains** **

A mirror site is essentially a clone of an existing betting website, hosted on a different domain. Companies create dozens – sometimes even hundreds – of these mirrors to ensure they remain accessible even when regulators try to shut them down. 

Why do they do this? 

*   **Evade regulation:** Governments and gambling commissions regularly block illegal or unlicensed betting sites. When one gets banned, the company simply redirects users to a new domain. 

*   **SEO and ad manipulation:** More domains mean more search engine presence, allowing these companies to dominate the online gambling market and attract unsuspecting bettors. 

*   **Affiliate and referral loopholes:** Many of these sites exist solely to capture affiliate commissions, misleading users into thinking they are signing up through legitimate sources. 

*   **Phishing and fraud risks:** Users might unknowingly enter personal and financial details on a fake version of the site, opening themselves up to scams and identity theft. 

One of the most infamous cases of gambling companies using mirror domains is 1xBet, a company that built an empire by aggressively bypassing laws through hundreds of duplicate sites. 

1xBet’s tactics were so successful that they made millions in revenue, eventually becoming a global sponsor of FC Barcelona. But despite their rise to legitimacy, their past was riddled with controversy: 

*   They were banned in Russia but continued to operate through mirror sites. 

*   The UK Gambling Commission launched an investigation into their illegal activities, forcing them to suspend operations in the UK. 

*   Reports surfaced that they hosted illegal casino games and even betting on cockfighting. 

Even after being blacklisted in multiple countries, they continued to thrive simply by shifting users to a new domain each time one was blocked. 

****20Bet and MostBet’s expanding mirror network** **

But 1xBet isn’t alone. Recent investigations have revealed that newer betting companies are using the same shady tactics. 

*   20Bet has over 100 active domains, many of which are identical mirrors/referrals of each other. 

*   MostBet has over 40 mirror sites, ensuring that they can never be completely shut down. 

This extensive network allows them to: 

*   Dodge regulatory action and continue operating in countries where they are banned. 

*   Flood search engines and ad networks, making it difficult for users to distinguish legitimate operators from scams. 

*   Run deceptive marketing campaigns, promising risk-free bets and bonuses that are often impossible to claim. 

****The** **r****eal** **d****anger: How** **u****sers** **g****et** **t****rapped** **

Imagine this scenario: A football fan eager to bet on an upcoming match searches for a reliable betting site. They click on a paid ad for 20Bet, promising a “100% Risk-Free Bet Up to $500.” 

*   They sign up and deposit money on what appears to be the official site. 

*   They win their first bet and try to withdraw—but the site suddenly disappears. 

*   They find another 20Bet domain and try logging in—only to realize their credentials don’t work. They’ve been scammed. 

Because so many duplicate domains exist, it’s nearly impossible for users to track where their money is actually going – or whether the site they’re on is real at all. 

****How to protect yourself from betting scams** **

With the rise of mirror sites, it’s more important than ever to be cautious when engaging in online sports betting. Here are some tips to stay safe: 

1.  **Check for proper licensing**: Legitimate betting companies should be licensed by recognized authorities like the UK Gambling Commission or Malta Gaming Authority. 

2.  **Avoid too-good-to-be-true promotions**: If a site is offering unrealistic bonuses or “guaranteed” wins, it’s likely a scam. 

3.  **Use trusted sources for links**: Don’t click on ads or promotional links. Instead, visit the official websites of reputable gambling regulators. 

4.  **Be wary of multiple domains**: If a betting company has dozens of different URLs, it’s a major red flag. 

5.  **Research before depositing**: Look up reviews and complaints from other users before signing up for any site. 

****Final thoughts: A dangerous game of cat and mouse** **

The sports betting industry continues to grow, but its darker side remains hidden beneath layers of deception. Companies like 1xBet, 20Bet, and MostBet have found ways to outmanoeuvre regulators and keep the money flowing—often at the expense of unsuspecting bettors. 

The fact that one of the world’s most controversial gambling companies (1xBet) went from running mirror sites to sponsoring FC Barcelona should serve as a wake-up call. These companies are not just skirting the law – they are thriving because of it. 

Until regulators find a way to effectively combat these tactics, sports bettors must remain vigilant. If something seems off, it probably is. And in the world of online gambling, a single wrong move could mean the difference between a big win and losing everything. 

****IOCs** **

MostBet –   
2d593xv\[.\]com 

3p4hdpmb\[.\]com 

3z9sbhba58mst\[.\]com 

4jls7l19\[.\]com 

4rayasmb\[.\]com 

560rp67\[.\]com 

6q4mhfo\[.\]com 

7tr85sq\[.\]com 

9389z7h\[.\]com 

9mnekb9\[.\]com 

ad2s0rs\[.\]com 

casinomstwins\[.\]com 

cdwxjlz\[.\]com 

jtw2fgmb\[.\]com 

llhrd3wu6vmb\[.\]com 

mfviz8eunkmb\[.\]com 

mkvw5jomb\[.\]com 

mostbet-in33\[.\]com 

mostbet-in34\[.\]com 

mostbet-in36\[.\]com 

mostbet-in37\[.\]com 

mostbet-in46\[.\]com 

mostbet-in56\[.\]com 

mostbet-in62\[.\]com 

mostbethu1\[.\]com 

mostbetru-44\[.\]com 

nfc5wbnalsmb\[.\]com 

ozvfgemb\[.\]com 

rw7e3v5gsumb\[.\]com 

sdma8tw\[.\]com 

sez67b24o7mb\[.\]com 

siosckmb\[.\]com 

sj13ywp\[.\]com 

szakt9s\[.\]com 

tqmdpkthxengz3g1\[.\]com 

v2izr0q9drmb\[.\]com 

vb7awyus6kmb\[.\]com 

w53hy6afrpmb\[.\]com 

winnerzonecasino\[.\]com 

ww16\[.\]mostbetru-44\[.\]com 

ww38\[.\]mostbetru-44\[.\]com 

x2cy2g8\[.\]com 

y16uyxu\[.\]com 

y2iqdt2\[.\]com 

ze59byq\[.\]com 

22bet – 

20-bet\[.\]ar 

20-bet\[.\]at 

20-bet\[.\]ca 

20-bet\[.\]cz 

20-bet\[.\]es 

20-bet\[.\]in 

20-bet\[.\]org 

20-bet\[.\]pt 

20-betbet\[.\]com 

20-winbet\[.\]com 

20bet-bet\[.\]com 

20bet-bg\[.\]com 

20bet-br\[.\]com 

20bet-casino\[.\]org 

20bet-co\[.\]org 

20bet-dk\[.\]org 

20bet-dk\[.\]site 

20bet-es\[.\]com 

20bet-fi\[.\]org 

20bet-hr\[.\]org 

20bet-hu\[.\]org 

20bet-italia\[.\]com 

20bet-jp\[.\]com 

20bet-portuguese\[.\]com 

20bet-s\[.\]com 

20bet-win\[.\]com 

20bet\[.\]asia 

20bet\[.\]be 

20bet\[.\]ch 

20bet\[.\]cl 

20bet\[.\]co\[.\]nz 

20bet\[.\]com 

20bet\[.\]com\[.\]de 

20bet\[.\]com\[.\]in 

20bet\[.\]com\[.\]pl 

20bet\[.\]com\[.\]se 

20bet\[.\]hu 

20bet\[.\]icu 

20bet\[.\]life 

20bet\[.\]me 

20bet\[.\]nz 

20bet\[.\]org\[.\]in 

20bet\[.\]vip 

20bet\[.\]win 

20bet1\[.\]com 

20bet1\[.\]net 

20bet1\[.\]org 

20bet2\[.\]com 

20bet3\[.\]com 

20bet4\[.\]com 

20bet5\[.\]com 

20beta\[.\]com 

20betapk\[.\]com 

20betapp\[.\]com 

20betb\[.\]com 

20betbet\[.\]com 

20betbr\[.\]com\[.\]br 

20betbrasil\[.\]com 

20betcasino\[.\]lat 

20betcasino\[.\]mx 

20betcasino\[.\]net 

20betcasino\[.\]si 

20betcasinoromania\[.\]org 

20betcasinos\[.\]net 

20betcassino\[.\]com 

20betentrar\[.\]com 

20betforum\[.\]com 

20betgame\[.\]net 

20betkasyno\[.\]pl 

20betlogin\[.\]it 

20betluck\[.\]com 

20betlucks\[.\]com 

20betmirror\[.\]com 

20beto\[.\]com 

20betpartners\[.\]com 

20betportugues\[.\]com 

20bets\[.\]cc 

20bets\[.\]com\[.\]br 

20bets\[.\]in 

20bets\[.\]org 

20bets\[.\]pe 

20bets\[.\]pl 

20betsite\[.\]com 

20bett\[.\]com 

20bett\[.\]org 

20bettin\[.\]com 

20betting\[.\]com 

20betzone\[.\]com 

20bplay\[.\]com 

20bwin\[.\]com 

20bwin\[.\]pt 

20bwins\[.\]com 

20glob\[.\]com 

20luckbet\[.\]com 

20media\[.\]world 

20win88\[.\]com 

20winluck\[.\]com 

aposta20bet\[.\]com 

apostas20\[.\]com 

bet-20\[.\]it 

bet-20\[.\]pl 

bet20\[.\]com\[.\]br 

bet20\[.\]com\[.\]pl 

bet20\[.\]com\[.\]pt 

bet20\[.\]gr 

bet20\[.\]online 

bet20\[.\]pt 

bet20brasil\[.\]com 

bet20brazil\[.\]com 

bet20italia\[.\]com 

bet20portugal\[.\]com 

bet20pt\[.\]com 

bonus-20bet\[.\]com 

bookie20\[.\]com 

es20bet\[.\]com 

esbet20\[.\]com 

forum20bet\[.\]com 

free-bookie\[.\]com 

free20bet\[.\]com 

links20\[.\]world 

mail20media\[.\]com 

pt-20bet\[.\]com 

svkzjv\[.\]com 

twentybet\[.\]net 

xxbet\[.\]it 

xxbetportugal\[.\]com

 The dark side of sports betting: How mirror sites help gambling scams thrive  

Microsoft's March 2025 Patch Tuesday fixes six actively exploited zero-day vulnerabilities, including critical RCE and privilege escalation flaws. Learn how these vulnerabilities impact Windows systems and why immediate patching is essential.

Microsoft has released its March 2025 security updates, addressing a total of 57 vulnerabilities, including six that were actively being exploited before the patch was available as part of the company’s Patch Tuesday. Additionally, one vulnerability was publicly disclosed before a fix was released, bringing the total number of zero-day flaws to seven.

For your information, Patch Tuesday is the second Tuesday of each month when Microsoft releases security updates, bug fixes, and software patches for Windows, Office, and other Microsoft products. It is a scheduled update cycle aimed at improving security and stability.

The March 2025 Patch Tuesday update addresses several security issues, including 23 elevations of privilege vulnerabilities, 3 security feature bypass vulnerabilities, 23 remote code execution vulnerabilities, 4 information disclosure vulnerabilities, 1 denial of service vulnerability, and 3 spoofing vulnerabilities. These counts do not include vulnerabilities patched in Mariner or Microsoft Edge earlier in the month.

Six of the zero-day vulnerabilities were being actively exploited. One, tracked as CVE-2025-24983, enables local attackers to gain system-level privileges by exploiting a race condition in the Windows Win32 Kernel Subsystem where multiple processes simultaneously access or modify shared resources. This flaw affects various Windows versions.

CVE-2025-24991 and CVE-2025-24984 are information disclosure vulnerabilities found in Windows NTFS that allow an attacker with physical access to a Windows device to read sensitive information from the system’s memory, and access portions of “heap memory,” a dynamic allocation region, by inserting a malicious USB drive, potentially stealing sensitive data or credentials. The publicly disclosed zero-day vulnerability, CVE-2025-26630, is a remote code execution (RCE) flaw in Microsoft Access caused by a use-after-free memory bug.

Other zero-day vulnerabilities include CVE-2025-24985, another RCE flaw in the Windows Fast FAT File System Driver caused by an integer overflow. CVE-2025-24993 is a remote code execution vulnerability in Windows NTFS caused by a heap-based buffer overflow. These vulnerabilities can be exploited by tricking users into mounting a crafted VHD file, allowing attackers to execute their code.

Finally, CVE-2025-26633, a security feature bypass in the Microsoft Management Console. The attacker must convince a user to interact with a malicious link or file, such as a specially crafted MMC (.msc) file. If successful, the attacker can circumvent security measures and gain unauthorized access to administrative tools and system settings,

The six critical vulnerabilities, all RCE flaws with CVSS scores ranging between 7.8 through 8.8, affect various Microsoft products. Two of these impact Windows Remote Desktop Services (CVE-2025-24045 and CVE-2025-24035), while the others relate to Microsoft Office, Windows Domain Name Service (CVE-2025-24064), Remote Desktop Client, and Windows Subsystem for Linux Kernel (CVE-2025-24084).

The NTFS and FAT RCE flaws are highlighted as particularly concerning, as they are part of an exploit chain that includes the NTFS information disclosure vulnerabilities. These vulnerabilities are related to mounting virtual hard disk (VHD) files, which could be used to deliver malware payloads.

In addition to Microsoft, other vendors have also released security updates or advisories in March 2025. These include Broadcom, Cisco, Edimax, Google, Ivanti, Fortinet, Paragon, and SAP.

Experts emphasize the importance of applying these patches promptly, particularly those addressing zero-day vulnerabilities. CVE-2025-24057 and CVE-2025-26630 require Office updates and users of Office 2016 need to install two specific patches.

> Security updates for March 2025 are now available. Details are available here: https://t.co/ItXjYLFR2w #PatchTuesday #SecurityUpdateGuide pic.twitter.com/Wx1JOTwTZ2
> 
> — Security Response (@msftsecresponse) March 11, 2025

****Expert Insights on Key Vulnerabilities****

Cybersecurity experts at Immersive have highlighted several vulnerabilities that warrant immediate attention:

*   **Windows NTFS / FAT Remote Code Execution (CVE-2025-24984, CVE-2025-24985, CVE-2025-24991, CVE-2025-24993)**
    
    These four actively exploited flaws relate to **remote code execution via Virtual Hard Disk (VHD) files**. While not remotely exploitable over a network, attackers can trick users into mounting malicious VHDs, potentially delivering malware. Organizations should monitor for VHD files in emails or downloads and apply security restrictions where possible. _Kev Breen, Senior Director of Threat Research, Immersive_.
    

*   **Microsoft Management Console Security Bypass (CVE-2025-26633)**
    
    Attackers are exploiting this flaw to **bypass security restrictions via social engineering**. Users may receive malicious .msc files through phishing emails or compromised websites. Security teams should monitor for .msc executions from untrusted sources to detect potential exploitation. _Kev Breen, Senior Director of Threat Research, Immersive_.
    

*   **Windows Remote Desktop Services RCE (CVE-2025-24035)**
    
    This critical vulnerability enables **remote attackers to execute arbitrary code** on systems with Remote Desktop Gateway enabled. Successful exploitation could lead to malware deployment, lateral movement, and security tool evasion. _Ben Hopkins, Cybersecurity Engineer, Immersive_.
    

*   **Mark of the Web (MoTW) Bypass (CVE-2025-24061)**
    
    Attackers can exploit this flaw to **bypass Windows’ security warnings** on downloaded files. Malicious .url files or web-based lures can trick users into executing harmful content. As similar vulnerabilities have been actively exploited in the past, this remains a high-risk issue. _Ben Hopkins, Cybersecurity Engineer, Immersive_.
    

*   **Win32 Kernel Subsystem Privilege Escalation (CVE-2025-24983)**
    
    A race condition vulnerability allows attackers to escalate privileges to the SYSTEM level, gaining full control over affected systems. This can enable security evasion and credential theft using tools like Mimikatz. Microsoft has confirmed in-the-wild exploitation, reinforcing the need for immediate patching. _Natalie Silva, Lead Cybersecurity Engineer, Immersive_.
    

Security experts emphasize that organizations should prioritize patching these vulnerabilities, especially those actively exploited, to reduce the risk of compromise.

March 2025 Patch Tuesday: Microsoft Fixes 57 Vulnerabilities, 7 Zero-Days

Apple on Tuesday released a security update to address a zero-day flaw that it said has been exploited in "extremely sophisticated" attacks.
The vulnerability has been assigned the CVE identifier CVE-2025-24201 and is rooted in the WebKit web browser engine component.
It has been described as an out-of-bounds write issue that could allow an attacker to craft malicious web content such that it

Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks

Task scams are increasing in volume. We followed up on an invitation by a task scammer to get a first hand look on how they work.

Tasks scam are surging, with a year over year increase of 400%. So I guess it should have been no surprise when I was contacted by a task scammer on X recently.

Task scammers prey on people looking for remote jobs by offering them simple repetitive tasks such as liking videos, optimizing apps, boosting product interest, or rating product images. These tasks are usually gamified—organized in sets of 40 tasks that will take the victim to a “next level” once they are completed. Sometimes the victim will be given a so-called double task that earns a bigger commission.

The scammers make the victim think they are earning money to raise trust in the system. But, at some point, the scammers will tell the victims they have to make a deposit to get the next set of tasks or get their earnings out of the app. Victims are likely to make that deposit, or all their work will have been for nothing.

So when the task scammer contacted me on X to offer me a nice freelance job, I was keen to see where it would take me.

Beginning the message with emojis, Birdie started the chat…

Group invitation on X

> “\[emoji intro\] Hello, I am a third-party agency from the UK, specializing in providing ranking and likes services for Booking+Airbnb hotel applications. The company is now recruiting freelancers worldwide. You only need a mobile phone to easily get it done, and the time and location are flexible. The daily salary is 100-300€, and the monthly salary of formal employees is 3000-10000€. Note (this article is not suitable for students under 22 years old, and African and Indian employees cannot be hired due to remittance issues) For more details please see the WhatsaPP link: \[shortened bit.ly URL\]”

In this case, I was asked to contact the scammer on WhatsApp, but I’ve also seen the same campaign asking the victims to reach out on Telegram.

Invitation to a Telegram conversation

The Telegram invitation was a bit more limited (European and American female users only) but extended to a larger group of 150 accounts on X. What the ones that reached out to me had in common was that they all found my profile on X. Mind you, my profile is not some honeytrap, it clearly says I blog for Malwarebytes.

So, last week I was up for some distraction and decided to follow up on the WhatsApp invitation which was still live. I reset an old phone to factory settings and bought a burner SIM card. With that phone in hand, I set up a Gmail account and installed WhatsApp. I added Birdie Steuber to my contacts with the phone number I found by following the URL. Then I reached out asking if they still had openings.

The bait was taken within minutes: hook, line, and sinker.

introductions

So, Birdie is actually Tina from Sheffield in the UK. The job is available and does not require any special skills or experience. Tina tells me all you need is internet access and you can start working for booking.com.

Next is a long-winded explanation of what the job entails with another mention of the fortune you can make. I suspect the explanation is meant to be slightly confusing, knowing the general population would be embarrassed to ask for a better explanation and just will go ahead and carry out the tasks.

explanation?

More explanations about the job are followed by a quick query whether I will be able to buy USDT, the “hottest cryptocurrency in the world” as Tina described it. (It isn’t.)

USDT required

Tina then asks me to create an account on a fake booking.com website.

create an account on a fake booking(dot)com site

Here’s that site.

the fake booking site

Once I’d set that up, Tina set me up with a training account to learn the tasks. The actual tasks consist of clicking two buttons labelled “Start task” and “Submit” which gets mind-numbing really quick. But, hey, I was wasting a scammers’ time, so it was worth it.

That training account had a balance of over 1,000 USDT, probably to make the victim even more interested.

balance training account

What happened next is likely a demonstration of another tactic the scammers will use to get people to deposit more USDT: A lucky order!

lucky order

I was shown a prompt that I had run into “a 4% lucky order”, which Tina called a merge task that rendered a 4% commission.

Next followed an elaborate explanation on how Tina had to top up the balance to make up for the negative “Pending Amount” and asked me to contact customer support for instructions.

negative pending amount needs to be topped up

But to my surprise this was not what I was asked to do the next day when we continued our conversation. However, Tina quickly revealed how they were expecting to get 100 USDT from me.

> “I forgot to tell you, it takes 100usdt to complete a new round of 40/40 orders to reset 40 new orders. Because 100usdt is to optimize the hotel 100usd reservation fee. Once you complete the 40/40 order task you can withdraw all funds. This is to help the hotel increase the number of real bookings and exposure to earn commission income. The commission income per order is 0.5 per cent. 100usdt will probably get 40-60usdt after completing the 40/40 order task.”

After I completed my first 40 tasks, I was shown this notification letting me know I had reached the maximum number of tasks for the day, at which point I was expected to top op my account at my own expense.

Please contact customer service to recharge and refresh the task

Once I convinced Tina we had purchased 100 USDT, I was told to contact customer support for instructions.

The instructions were similar to the ones I received a day earlier. But at this point I had to terminate because I didn’t want to give the scammers any actual money.

Checking the balance on the account numbers they provided me with during our conversation showed there are likely others who are handing over money. And they very well may have many more accounts.

balance in the USDT accounts belonging to the scammers

These scams are likely designed to be confusing. The actual tasks were nowhere near as difficult as the explanation of what the job entailed.

In the end I revealed to Tina that I was the one that wrote an article about task scams, but Tina did not give up that easily. She kept trying to convince me there was money to be made.

If you’d like to read the whole conversation I had with Tina you can find it here.

****How to avoid task scams****

As I pointed out, all the task scam invitations I received came to me in the form of Message requests on X. So, that’s a good place to be very cautious. Once you know the red flags, it is easier to avoid falling for task scams.

*   Do not respond to unsolicited job offers via text messages or messaging apps
*   Never pay to get paid
*   Verify the legitimacy of the employer through official channels
*   Don’t trust anyone who offers to pay you for something illegal such as rating or liking things online

It’s also important to keep in mind that legitimate employers do not ask employees to pay for the opportunity to work. And as with most scams, if it sound to good to be true, it probably is.

If you run into a task scam, please report them to the FTC at ReportFraud.ftc.gov. 

**We don’t just report on phone security—we provide it**

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

 I spoke to a task scammer. Here&#8217;s how it went 

Phishers are once again using the Docusign API to send out fake documents, this time looking as if they come from PayPal.

PayPal scammers are using an old Docusign trick to enhance the trustworthiness of their phishing emails.

We’ve received several reports of this recently, so we dug into how the scam works.

The Docusign Application Programming Interface (API) allows “customers” to send emails that come from genuine Docusign accounts, and they can use templates to impersonate reputable companies.

To pull this off, the phishers set up a Docusign account and then use the templates provided by Docusign to send out legitimate looking invoices from PayPal.

Because the emails come from Docusign they can bypass many security filters.

This is an example of how these emails reach the targets.

> We’ve identified an unauthorized transaction made from your PayPal account to Coinbase:
> 
> Amount: $755.38  
> Transaction ID: PP-5284440
> 
> To safeguard your account and process an immediate refund, you must contact our Fraud Prevention Team at:  
> +1 (866) 379-5160
> 
> Our representatives are available 24/7 to assist you in resolving this issue and preventing any additional unauthorized activity.
> 
> Your account’s security is our top priority, and we’re fully committed to helping you address this matter swiftly. We appreciate your immediate attention to this alert.

If you know this is a scam, you’ll likely see some red flags. The “From” address is a Gmail address which seems unlikely to be something that the genuine PayPal Customer Care department would use. Also, it seems weird that Docusign has been used to send a document that doesn’t require a signature.

Looking deeper, there are some more red flags. The “To” address does not belong to the receiver. It doesn’t even exist.

We tried to contact the scammer through WhatsApp, the Gmail address, and by phone, but didn’t get any replies.

I’ve you’ve received an email like this and want to verify if it’s genuine, go directly to Docusign.com, click ‘Access Documents’ (upper right-hand corner), and enter the security code displayed in the email. If you get an error message, that means the document was removed or never even existed. That’s a huge red flag.

**What can I do?**

If you see an unauthorized PayPal payment linked to a Docusign activity, and you suspect it’s fraudulent, you should immediately report it to both PayPal and Docusign. Contact their customer service departments and using their respective reporting features, as these platforms can be used by scammers to make unauthorized charges under the guise of a legitimate document signing process.

If you think you are the victim of this type of phishing:

*   Check your PayPal account: Log in to your PayPal account and review your recent transactions to search for and identify the suspicious payment.
*   Report the incident to PayPal: To confirm an unauthorized payment, go to the PayPal Resolution Center and report the transaction as fraudulent.
*   If you believe your PayPal account has been compromised, contact any bank for which an account is linked to your PayPal account to check for and report potential fraudulent activity.
*   Check your Docusign account: Review if there has been any recent activity to see if there are any suspicious documents or signatures you don’t recognize.
*   Report to Docusign: You can report suspicious activity through its “Report Abuse” feature or by contacting its security team directly.

Docusign says its team investigates and closes suspicious accounts within 24 hours of the activity being detected or reported. When suspicious accounts are reported, the vast majority of those accounts have already been detected by Docusign’s systems and are either under investigation or have already been closed. Once an account is closed, all envelopes sent from the account are no longer accessible by the recipient or sender.

Key points to remember:

*   Never click on suspicious links in unsolicited emails.
*   Verify the sender: Always check if the sender’s email address matches what you would expect it to be. It’s not always conclusive but it can help you spot some attempts.
*   Go directly to the DocuSign site (not following links in the email or sponsored search results) to check if the document actually exists.

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

 PayPal scam abuses Docusign API to spread phishy emails 

Firefox’s new Terms of Use spark user backlash over data rights. Learn how Mozilla responded to concerns about…

Firefox’s new Terms of Use spark user backlash over data rights. Learn how Mozilla responded to concerns about broad language and possible data misuse.

In the Internet era, where our online activities leave behind a trail of data, trust between users and the software they use is more important than ever. That trust is often buried in long legal agreements and complex terms and conditions, but it can quickly disappear if people feel their privacy is being violated. Mozilla, a company historically lauded for its commitment to user privacy, recently found itself at the center of such a trust dispute.

What happened is that the Firefox browser introduced new Terms of Use, which instead of promoting clarity, sparked a major controversy. The update meant to “formalize” user agreements, triggered a wave of user backlash, driven by language perceived as overly broad and potentially granting the company extensive rights over user data. Despite the company’s insistence that the terms were intended to clarify existing data practices and formalize user agreements, the unclear wording caused a lot of confusion and pushback.

The issue centered on a specific clause that granted Mozilla a “nonexclusive, royalty-free, worldwide license” to use information inputted or uploaded through Firefox. Critics, including figures from rival browser companies, interpreted this as an attempt to claim ownership of user data and potentially monetize it for purposes like AI development or targeted advertising. Mozilla, however, refuted these interpretations, stating that the new terms did not signify a change in how user data is handled.

> W T Fhttps://t.co/ifx7R9rBMV
> 
> "When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of… https://t.co/Zvbif4TWzz
> 
> — BrendanEich (@BrendanEich) February 27, 2025

In response to the intense criticism, Mozilla clarified its intentions and provided further explanations for the controversial wording as well as revised the clause with clearer wording. Here’s the difference between the original and revised clause:

**Previous:** “When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox.”

**Revised:** “You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe in the Firefox Privacy Notice. It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox. This does not give Mozilla any ownership in that content.”

Talking to TechCrunch, the company’s VP of Communications, Brandon Borrman, emphasized that the license was necessary to enable basic browser functionalities, such as processing user input. They stressed that the terms did not grant them ownership of user data or the right to use it beyond the scope outlined in their existing Privacy Notice.

According to Mozilla’s explanation of the reasoning behind the specific terms used, “Nonexclusive” was intended to indicate that users retain the right to use their data independently, “Royalty-free” reflected the browser’s free nature, and “worldwide” acknowledged its global availability. The company also confirmed that user data is not sent to third-party AI companies and that any data shared with advertisers is de-identified or aggregated.

The situation has raised fundamental questions about data ownership and the boundaries of digital consent. The initial confusion and backlash emphasize the potential consequences of poorly worded terms, even when intentions are benign. Still, Mozilla’s swift response and subsequent revisions demonstrate the company’s attempt to address user concerns and maintain trust.

1.  Mozilla Rushes to Fix Critical Flaw in Firefox and Thunderbird
2.  Mozilla permanently shuts down Notes & Send over malicious use
3.  Mozilla Faces GDPR Complaint Over New Firefox Tracking Feature
4.  Google & Mozilla ban Avast security extensions over data snooping
5.  Mozilla’s ‘Track This’ lets you choose fake identity to deceive advertisers

Mozilla Tweaks Firefox Terms After Uproar Over Data Use Language

Plus: The FBI pins that ByBit theft on North Korea, a malicious app download breaches Disney, spyware targets a priest close to the pope, and more.

As scam compounds in Southeast Asia continue to drive massive campaigns targeting victims around the world, WIRED took a deeper look at how Elon Musk’s satellite internet service provider Starlink is keeping many of those compounds in Myanmar online. Meanwhile, FTC complaints obtained by WIRED allege that an “OpenAI” job scam used Telegram to recruit workers in Bangladesh for months before the fraudsters suddenly disappeared.

WIRED published the inside story of Russian tech executive Vladislav Klyushin, who—at Vladimir Putin’s behest—was part of a notable US-Russia prisoner swap last summer after he was convicted and incarcerated in the US for insider trading that netted him $93 million. Earlier this week, TVs at the headquarters of the Department of Housing and Urban Development in Washington, DC, showed an apparently AI-generated video on loop of Donald Trump kissing Elon Musk’s feet. The words “LONG LIVE THE REAL KING” were superimposed over the video.

WIRED conducted an investigation into Telegram groups devoted to doxing and harassing women who joined “Are We Dating the Same Guy?” groups on Facebook. And, as female entrepreneurs in tech face ever steeper odds of gaining support for a business, a team of female founders got seed funding and completed a series A round in a matter of months for the cloud container security firm Edera.

But wait, there's more! Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

**Trump Administration Backs Off on Countering Russian Cyber Foes**

After years of Russian cyber aggression against the United States and its longtime allies—including repeated election meddling, hack and leak operations, disinformation campaigns, elaborate espionage, and brazen, disruptive cyberattacks—multiple recent actions from the Trump administration have recast the US stance on the cybersecurity threats posed by the Kremlin, downplaying the risks of Russian hackers as US adversaries. The about-face comes as Donald Trump and Russian president Vladimir Putin have increasingly strengthened their ties. Consistent US intelligence community assessments of Russia's activity in cyberspace and the threat it poses to the US would indicate, though, that such a change in approach could put the US at risk.

That deprioritization of the Russia threat has come in several different forms. US State Department deputy assistant secretary for international cybersecurity Liesyl Franz said during a speech in a United Nations working group last week that the US is concerned about digital attacks from China and Iran, but did not mention Russia. A recent memo distributed at the Cybersecurity and Infrastructure Security Agency laid out priorities for the agency, focusing on China and defense of US systems but omitted any reference to Russia. And on Friday, the cybersecurity news outlet The Record reported that, last week, Defense Secretary Pete Hegseth ordered US Cyber Command to stop all cyber operational planning against Russia, including offensive digital campaigns.

**Crypto Bounty Hunters Are Racing to Find and Freeze $1.4 Billion Stolen From ByBit**

Eight days have passed since the cryptocurrency exchange ByBit revealed that hackers stole $1.4 billion worth of Ethereum-based assets from the company, a heist that is by some measures the biggest theft of crypto in history. Now the race is on to track the stolen funds across blockchains, prevent its liquidation, or even recover it—and that race is being propelled by $140 million in bounties offered by ByBit itself. ByBit earlier this week launched a website where it’s inviting crypto sleuths to submit tips about the destination of its stolen Ethereum funds and offering as a reward 5 percent of the value of any funds that those tracers can identify and help to freeze or seize. ByBit has offered another 5 percent of the value as a separate reward for any crypto exchange or other platform that obtains the funds.

As of Friday, the website counted a dozen bounty hunters currently registered as part of that crypto-tracing effort and put the tally of paid-out rewards at around $4.3 million. The site also includes a leaderboard of tracers who have successfully identified tranches of the funds by following them across blockchains or frozen funds—as well as a list of crypto exchanges who have, by contrast, liquidated the stolen funds on behalf of the thieves. So far only one exchange, known as eXch, has been flagged as liquidating $94 million of the stolen assets. ByBit notes that eXch has refused to respond to its messages, and the exchange didn’t respond to a BBC request for comment.

**FBI Urges Crypto Industry Not to Launder ByBit Funds for North Korea**

Earlier this week, the FBI took the unusual step of publicly identifying the hackers behind that massive ByBit hack: TraderTraitor, a group of state-sponsored cybercriminals working on behalf of the North Korean government. The FBI asked the crypto industry not to launder the funds of those hackers, a part of the larger umbrella group widely known as Lazarus that has long plagued the cryptocurrency world and has stolen billions in both crypto and non-crypto assets. In its alert, the bureau also released a list of Ethereum addresses associated with the stolen funds in an effort to help the crypto industry identify and seize any part of the $1.4 billion before it can be cashed out. Crypto tracing firm TRM Labs wrote in a post Thursday that around $400 million of the funds have already been moved and may have been successfully liquidated.

**A Disney Staffer Opened the Door for a Slack Hack by Accidentally Downloading Malware**

In July, an entity calling itself “NullBulge” published a 1.1-TB trove of data stolen from Disney's internal Slack archive, tipping off a frenzied cleanup effort as Disney rushed to get a handle on leaked revenue numbers, employee information like passport numbers, and sensitive customer information. The breach occurred after a Disney employee, Matthew Van Andel, inadvertently downloaded malware onto his personal computer that collected his login credentials for a number of services, including, crucially, the password to his 1Password credential vault. “It’s impossible to convey the sense of violation,” he told The Wall Street Journal. Van Andel also had his credit card numbers and other personal data stolen, and then lost his job as well when a Disney audit of his work computer alleged that he had accessed porn from the device. Van Andel denies the accusation. The episode is just one in a series of breaches where malware that infects a worker’s personal computer can have major ramifications for the institution that employs them.

**An Italian Priest Close to the Pope Had His Phone Hacked**

Mattia Ferrari, an Italian priest who works with a migrant-rescue group and has a close relationship with the Pope, revealed this week that he received a warning from Meta that his phone had been hacked with sophisticated spyware from Israeli-based Paragon. The news follows revelations that Luca Casarini, the founder of the NGO Mediterranea Saving Humans, where Ferrari served as a chaplain, also had his phone compromised by spyware, as did Italian investigative reporter Francesco Cancellato. The string of spyware infections targeting Italian activists and a journalist raises the question of who might be carrying out the hacking operations, with opposition leaders calling on the administration of Italian prime minister Giorgia Meloni to address the issue. Meloni’s government has denied being behind the hacking incidents. Pope Francis, who is currently in critical condition with pneumonia, has mentioned speaking to Ferrari on the phone during a TV interview in January, raising the question of whether the spies who hacked Ferrari’s phone eavesdropped on a conversation with the pope himself.

The Trump Administration Is Deprioritizing Russia as a Cyber Threat

Strong eCommerce customer service builds trust, boosts loyalty, and drives sales. Learn key strategies, best practices, and tools to enhance online support.

Great online customer support starts with the fundamentals that make shoppers feel valued and understood when they can’t see your face or walk into your store. The basics include responding quickly across multiple channels, writing in a friendly human tone (not corporate-speak), and making it super easy for customers to find help when they need it.

Mastering these foundational elements builds trust with online shoppers and sets the stage for turning one-time buyers into loyal repeat customers. According to WOW24-7, an e-commerce customer service outsourcing provider, recent studies highlight the impact of customer service quality on online shopping behaviour. In April 2024, reports indicated that 79% of consumers may choose not to buy from a brand again after a poor post-purchase experience.

****What is eCommerce Customer Service?****

Generally speaking, e-commerce customer service is a special department that helps and supports online businesses as you are shopping online. Think of it as the digital version of that helpful store employee, but instead of being face-to-face, they’re helping you through chat, email, or phone when you have questions about products, shipping issues, returns, or just need advice before buying something.

****Advantages of a Good eCommerce Customer Service****

Good online customer service is a total game-changer! It builds trust (super important when you can’t see products in person), turns angry customers into happy ones (like when your headphones arrived broken and they shipped new ones overnight), and makes people spend more money.

Plus, happy customers tell their friends – “one of our customer’s customers switched to a new skincare brand just because her friend raved about how they helped her find the right products for her skin type.”

****How To Provide a Stellar Customer Service: Tips For Online Support********1\. Prioritize Multiple Communication Channels****

To provide excellent customer service, be available wherever your customers want to reach you. That means providing various channels of support, including social media support. 

Some people hate phone calls but love texting, while others want to shoot a quick email or DM you on Instagram. The best online stores let me choose – like that clothing shop that lets me track my order through text, ask sizing questions on chat, or call them about complicated returns. It shows they respect how you prefer to communicate instead of forcing you to use their one preferred channel.

So, good customer service plays a key role in customer satisfaction, and it should be multichannel customer support. And what about you, how many channels does your brand offer to contact your team?

****2\. Empower Your Team with Knowledge****

Make sure your support team knows your products inside and out – they can’t help customers if they’re clueless themselves. Indeed, the product knowledge is essential. Create a searchable knowledge base where your team can quickly find answers instead of saying “Let me check on that” for every question.

Our customer, a tea company, has weekly “sip and learn” sessions where staff try new products and discuss common questions, which has cut their average response time in half. The ability to deliver almost instant answers to the customers’ questions. That’s what we call a start for the exceptional customer service. 

****3\. Implement a Full Self-Service System****

Give customers ways to help themselves with detailed FAQs, video tutorials, and searchable help centers available 24/7. That is super important for customer retention.

One of our customers, an electronics ecommerce business has this amazing interactive troubleshooting tool that walks you through fixing common issues before the customers even need to contact them. Just make sure to keep these resources updated – nothing’s more frustrating than outdated information that wastes customers’ time.  

****4\. Track Key Metrics and Analyze Performance****

You can’t improve what you don’t measure, so keep tabs on response times, customer satisfaction scores, and first-contact resolution rates. Look for patterns in customer complaints to fix underlying issues – like when that clothing store noticed a spike in size questions and added better measurement guides. Set goals for your customer service team based on these metrics, but don’t obsess over speed at the expense of actually solving problems properly.

Moreover, track and analyze your customer reviews and work with both positive customer reviews and negative ones. Here’s a tip for you: the leading ecommerce platforms also work with the so-called ‘middle customers’ (the ones that are neither positive nor negative. They are the easiest ones to become your true brand enthusiasts. 

****5\. Personalize the Customer Experience****

Use customer purchase history and preferences to make interactions feel special and relevant. One ecommerce brand, a book subscription service, remembers what genres you love and what you have already read, making their recommendations useful.

Simple touches made by your customer service representative like addressing customers by name and referencing their previous orders make people feel valued instead of just another ticket number in the queue. That is crucial if you want to be the brand that comes with the best customer service for ecommerce. 

****6\. Proactively Address Customer Issues****

A great customer service company does not wait for complaints, it reaches out when its support agents know there might be a problem. For instance, a clothing store emails you before you even notice that your package was delayed due to weather, offering options and a small discount or a free trial. 

Therefore, your customer service agent must watch social media mentions of your brand to catch issues before they escalate into full-blown problems. This customer service strategy builds trust and loyalty. 

****7\. Embrace Technology and Automation****

If you want to offer good customer service experiences, use chatbots to handle simple questions and AI to route complex issues to the right specialist. Add the frequently asked questions section to let your customers find all the answers to their questions without waiting for your reply and the personalization to help them if they contact you. 

A simple example: there’s a tech shop that uses automation to send perfectly timed setup guides after purchase, preventing tons of support calls. Just make sure there’s always an easy escape hatch to reach your ecommerce customer service team when the bot can’t help. That’s crucial if you want to deliver an excellent customer service. 

****8\. Offer Easy Returns and Exchanges****

Make returns painless with prepaid labels, clear instructions, and quick processing. Yes, in the world of e-commerce, you have to provide the customer with the possibility to return in a fast, easy and free manner.

Here’s an example. There’s a shoe company that includes a return label right in the box and lets you start the return process with a single text message. And here comes an interesting fact: Good return policies increase sales because people feel safer trying new products. 

****9\. Solicit and Respond to Feedback****

Actively ask customers how they’re doing through quick surveys after purchases or support interactions. Every ecommerce business will benefit from customer service tools or special support software that collects data about the quality of service and customer communications. 

Just a simple case from our experience. There’s a coffee subscription that sends a three-question survey after each delivery, and when somebody mentioned their packaging was excessive in the comments, they changed it within a month. Show customers that the feedback matters by implementing changes and letting them know. There’s a necessity to adapt to the changing world of customer satisfaction. 

****10\. Invest in Ongoing Training and Development****

Keep your ecommerce customer support team sharp with regular product training and customer service skill development. My cousin works at an online beauty store where they spend Friday afternoons practising tough customer scenarios and learning about new product ingredients. Well-trained agents solve problems faster and make customers happier.

****11\. Foster a Culture of Customer-Centricity****

Make customer happiness everyone’s job, not just the support team’s. One of our customers, a small electronics brand, believes that excellent service is critical and so it invites its engineers to join support calls monthly to hear customer struggles firsthand. Then their support system analyses the available customer needs and the online shopping experience and thinks of ways to improve service to customers.

Celebrate team members who go above and beyond for customers, and use customer stories in company meetings to keep their needs front and center.

****An Effective eCommerce Customer Service: Key Takeaways****

Great online customer service is crucial as it talks to your customers directly. It’s all about being focused on customer wants, needs, and expectations. Plus, since great service is important for brand success, multi-channel customer support has become the new normal for companies who want to boost the customer’s lifetime value. Response speed matters hugely, but the quality and personal touch of those responses turn one-time buyers into loyal fans who spread the word.

The best online stores use the right software like Intercom and technology to handle routine stuff while freeing up humans to solve complex problems with empathy and creativity to improve their customer experience. Track what’s working (and what isn’t) through customer feedback and solid metrics, then actually use that info to keep improving. Remember that in the digital world where competitors are just a click away, exceptional service isn’t just nice to have – it’s often your biggest competitive advantage. 

Therefore, these are the eCommerce Customer Service Best Practices that help you improve customer service and provide an amazing customer service experience. Just remember that true customer service means the real care of your customers, not just words.

****Customer Service Channels FAQ********Why is customer service important for e-Commerce businesses?****

It’s your digital storefront’s personality! Without face-to-face interaction, it’s hard to make your customers happy. When one of our customers launched her handmade jewellery store, her amazing response time and personalized packaging notes turned first-time buyers into repeat customers who shared her store all over social media. Plus, in a world where switching to a competitor takes one click, great service is often the only thing keeping customers loyal.

****What are the key challenges of providing online customer support?****

The biggest headache is managing customer expectations for instant 24/7 help when you’re a small team (or solo entrepreneur). Then there’s the challenge of explaining products people can’t touch or try on, handling shipping issues you don’t directly control, and building trust without in-person connections. For instance, a hot sauce company can struggle with international customers who fail to understand the cause of shipping delays until they create a visual tracking system that shows exactly where packages are stuck.

****How can I improve response times for customer inquiries?****

*   Create templates for common questions so you’re not typing the same shipping policy explanation fifty times a day.
*   Set up auto-responses that acknowledge messages immediately even if you’ll answer fully later.
*   Use a smartphone app connected to your help desk so you can quickly answer simple questions while on the go.
*   You can dramatically cut response times by creating a shared Google Doc where all staff will document weird questions and answers for everyone to reference.

****What are the best tools for managing eCommerce customer service?****

For small shops, Zendesk or Freshdesk are solid starting points that won’t break the bank. Gorgias is amazing if you’re on Shopify since it shows order history right alongside customer conversations. Help Scout has a super clean interface that’s easy for non-tech folks. The gaming stores often Intercom so they can chat with the customers right on their website while they are browsing, which saves from abandoning the cart multiple times.

****How can I handle difficult customers effectively?****

First, take a deep breath and remember it’s rarely personal. Listen fully before responding – sometimes people just want to be heard. Offer concrete solutions instead of excuses. Know when to give a little (like a small discount) to solve a bigger problem.

One more tip to keep in mind: if you have a super angry customer about shipping damage, remember that customer service is important and it’s imperative to react instantly. So, immediately send a replacement with a small bonus. That can help you turn your angry customer into the biggest Instagram advocate.

****What role does automation play in e-Commerce customer support?****

Automation handles the repetitive stuff so humans can focus on complex problems. Think automatic order confirmations, shipping updates, and chatbots that answer basic questions like “What’s your return policy?” The smart plant shop I order from automatically emails care instructions based on what I purchased and sends reminders when it’s time to report – this prevents tons of support questions while making me feel taken care of.

****How can live chat improve customer satisfaction?****

Live chat catches customers right when they’re considering a purchase but have questions – like when I was about to abandon a pricey camera purchase until their chat agent explained why it was worth the investment. It feels more immediate than email but less intrusive than phone calls. 

****What are the best practices for handling returns and refunds?****

Make your policy crystal clear and easy to find. Don’t make customers jump through hoops – include return labels in the original package if possible. Process refunds quickly once items are received. Be flexible when it makes sense – that clothing store that gave me store credit past their return window earned way more of my money long-term. The best companies view returns as opportunities to learn product issues and improve, not as losses to minimize.

****How can I measure the success of my ecommerce customer service?****

Track obvious stuff like response time and resolution time, but also watch customer satisfaction scores (quick post-interaction surveys) and Net Promoter Score (would they recommend you?). Look at repeat purchase rates after service interactions – my favourite coffee subscription saw that customers who had a resolved issue spent 20% more in the following six months than those who never had problems. Also, track how many support tickets you get per 100 orders – this should decrease as you improve product descriptions and FAQs.

****What are some common mistakes to avoid in online customer support?****

The biggest fails include: making customers repeat their problem to multiple agents, hiding contact information so people can’t easily reach you, using robotic templated responses without personalizing them, promising unrealistic shipping/delivery times, and not following up after resolving issues. My worst experience was with that electronics store that transferred me three times, made me re-explain my issue each time, then promised to call back and disappeared forever – I’ll never shop there again!

Featured Image via Pixabay

1.  The Basics of Ecommerce Cybersecurity
2.  Enhance customer experiences with Generative AI
3.  How Payment Orchestration Enhances Business Efficiency
4.  Software Support: 7 Essential Reasons You Can’t Overlook
5.  Future of eCommerce: Emerging Tech Shaping Online Retail in 2024

eCommerce Customer Service Tips For Online Support: The Basics

While countries and companies are fighting over access to encrypted files and chats, our data privacy may get crushed.

Data privacy issues are a hot topic in a world where we apparently don’t know who to trust anymore.

A few weeks ago, we reported how the UK had secretly ordered Apple to provide blanket access to protected cloud backups around the world. This week, Apple decided to pull the plug on Advanced Data Protection (ADP) for UK users.

ADP is an opt-in data security tool designed to provide Apple users a more secure way to protect data stored in their iCloud accounts. Enabling ADP would ensure that even Apple could not access the data, which would mean that Apple was unable to hand over any information to law enforcement.

Something similar happened when Sweden’s law enforcement and security agencies started to push legislation which would force Signal and WhatsApp to create technical backdoors, allowing them to access communications sent over the encrypted messaging apps. The proposed bill prescribes that companies like Signal and WhatsApp need to store all messages sent using the apps.

President of the Signal Foundation, Meredith Whittaker, told Swedish SVT News that the company will leave Sweden if the bill becomes a reality.

So basically, by seeking to obtain encryption backdoors, which are not likely to remain exclusive, these governments are undermining the data privacy options of their citizens. A backdoor can and will eventually be found by those that we absolutely didn’t want to snoop around in our backups and chat logs.

It doesn’t just affect the countries at the heart of the request. The US director of national intelligence is reportedly going to investigate whether the UK broke a bilateral agreement by issuing the order that would allow the British to access backups of data in the company’s encrypted cloud storage systems,

The bilateral agreement in question is the Clarifying Lawful Overseas Use of Data Act (CLOUD Act) Agreement, which—among other things—bars the UK from issuing demands for the data of US citizens and vice versa. The CLOUD Act primarily allows federal law enforcement to compel US-based technology companies via warrant or subpoena to provide requested data stored on servers regardless of whether the data is stored in the US or on foreign soil. Provisions in the act state that the United Kingdom may not issue demands for data of US citizens, nationals, or lawful permanent residents, nor is it authorized to demand the data of persons located inside the US.

Globally, governments and law enforcement agencies continue to seek more control over data through new legislations and rules. States regulate data to protect national security and provide domestic firms access to user (and anonymous) data to boost competitiveness, ease law enforcement’s qualms when accessing data, and ward off foreign surveillance.

But at the end of the day, the criminals that law enforcement agencies are after, will end up using expensive private phone networks, and the general population will be left with tools that have been broken on purpose. Backdoors that have been created will be waiting for cybercriminals to find the cracks and access our “encrypted” data.

Meanwhile, privacy is recognized as a universal human right while data protection is not. And it should be. Even if we think we “have nothing to hide” cybercriminals will find a way to use that data against us, if only to make their phishing attempts more credible. Let alone, trade and economic secrets that could fall into the hands of competitors or “unfriendly” nations.

**We don’t just report on threats – we help safeguard your entire digital identity**

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

Tag

#sap