A new cyber campaign is exploiting Zoom’s remote control feature to install malware, exfiltrate data, and hijack victim devices, researchers have warned.

The attack, linked to a threat group called Elusive Comet, tricks users into granting remote access during fake Zoom interviews arranged via bogus Calendly links and spoofed Bloomberg emails. Once on the call, attackers rename themselves “Zoom” to make their remote control request look like a harmless system notification.

Trail of Bits, who uncovered the attack, warned that “users habituated to clicking ‘Approve’ on Zoom prompts may grant complete control of their computer without realising the implications.” This method bypasses technical vulnerabilities and instead relies on exploiting normal user behaviour and trust in legitimate platforms.

Security experts say the incident highlights the growing threat of ‘living off trusted services’ (LOTS) attacks, with Mimecast noting over five billion such threats were flagged in late 2024 alone. Using Zoom and Calendly links makes these attacks harder to detect and block.

Businesses can protect themselves by blocking Zoom’s remote control permissions, encouraging browser-based meeting tools like Google Meet, hardening authentication with security keys, and training staff to spot suspicious activity during video calls.

A pioneering new facility in Weymouth, Dorset, is taking an innovative approach to tackling climate change by extracting carbon dioxide directly from seawater.

Why?

While most climate efforts focus on cutting emissions or capturing carbon from the air, the SeaCURE project, developed by scientists from Plymouth Marine Laboratory (PML) and the University of Exeter, is tapping into the ocean’s natural role as a carbon sink.

Currently, the ocean absorbs around 25 per cent of the carbon dioxide (CO₂) humans release each year. However, as atmospheric CO₂ levels rise, so too does the concentration of dissolved carbon in seawater, thereby contributing to ocean acidification and threatening marine ecosystems.

SeaCURE’s new project aims to boost the ocean’s capacity to absorb even more CO₂, while simultaneously helping to remove some of the excess greenhouse gases already contributing to global warming.

What Is SeaCURE And Who Is Behind It?

SeaCURE is a collaborative project led by the University of Exeter’s Global Systems Institute, with key partners Plymouth Marine Laboratory, Brunel University London, and industrial water treatment specialist Eliquo Hydrok.

Backed by a £3 million grant from the UK Government’s Department for Business, Energy & Industrial Strategy (BEIS), SeaCURE is part of the Net Zero Innovation Portfolio’s Direct Air Capture & Greenhouse Gas Removals Innovation Programme. It is one of 15 pilot projects across the UK tasked with developing cutting-edge climate solutions.

How Does SeaCURE Actually Work?

The SeaCURE plant, discreetly tucked behind Weymouth’s SEA LIFE Centre, operates a relatively simple yet ingenious process:

– Seawater is pumped ashore from the English Channel via an existing intake pipe.

– Part of the water is treated to become more acidic. This triggers the dissolved CO₂ to form bubbles of gaseous carbon dioxide, much like opening a fizzy drink.

– The CO₂ gas is “stripped” out using a stainless steel tank system designed to maximise contact between the acidified water and the air.

– The captured gas is then drawn off and stored using activated carbon derived from coconut husks.

– The treated seawater is neutralised by adding an alkali solution before it is returned safely to the ocean.

Professor Tom Bell of Plymouth Marine Laboratory likens the CO₂ extraction process to “pouring a fizzy drink over a large surface,” allowing the carbon to escape quickly and be captured.

Why Target Seawater Instead Of Air?

While direct air capture of carbon has been a growing focus in climate tech circles, seawater offers some compelling advantages. For example, seawater actually contains about 150 times more CO₂ than the air. This means that, as Dr Paul Halloran, leader of the SeaCURE project says, it’s “potentially much more efficient to work with.”

Challenges

It’s worth noting here that extracting CO₂ from seawater in this way is certainly not without its challenges. For example, the energy requirements to acidify and neutralise seawater on a large scale are significant, meaning that scaling up would need to be paired with renewable energy sources, such as floating solar installations at sea.

The Scale Of The Pilot

As it currently stands, the SeaCURE pilot plant can remove up to 100 tonnes of CO₂ annually, which is less than the emissions from a single transatlantic flight! However, the potential is enormous.

For example, according to SeaCURE’s initial projections, processing just 1 per cent of the world’s surface seawater could, in theory, remove 14 billion tonnes of CO₂ each year! For comparison, global annual CO₂ emissions currently sit around 37 billion tonnes.

As Dr Oliver Geden, a carbon capture expert at the Intergovernmental Panel on Climate Change, notes that while “capturing directly from seawater is one of many options,” the ultimate choice will depend heavily on cost and scalability.

What About Marine Life?

Altering the chemistry of seawater raises understandable concerns about marine ecosystems. Early results from a parallel research strand led by Guy Hooper, PhD researcher with PML and the University of Exeter, suggest caution.

Hooper has been conducting laboratory experiments exposing marine organisms, such as phytoplankton and molluscs, to “low-carbon” water produced by the SeaCURE process.

“Marine organisms rely on carbon to perform essential processes,” Hooper explains. “Phytoplankton need it for photosynthesis, and creatures like mussels use it to build their shells.”

Initial findings indicate that large-scale release of low-carbon water could have some impact on marine life, although techniques such as pre-diluting the water before discharge could help mitigate risks.

“It’s vital we consider these impacts now, at the pilot stage, rather than later,” Hooper adds.

Early Days, But Big Implications

The SeaCURE project represents a significant step forward in exploring ocean-based carbon dioxide removal (CDR), an area that has received far less attention than land-based efforts.

Energy minister Kerry McCarthy has praised the project’s promise, stating: “Innovative projects like SeaCURE play an important role in creating the green technologies needed to reach net zero, while also supporting skilled jobs and economic growth.”

Although SeaCURE is still small-scale, its success could pave the way for a new generation of climate solutions that work with the ocean rather than against it. Should SeaCURE and similar projects prove viable at scale, they could complement broader efforts to curb emissions and offset unavoidable carbon outputs.

What Does This Mean For Your Organisation?

The SeaCURE project is in its infancy, but it still offers a glimpse into how innovation, science, and environmental stewardship could come together to tackle one of the greatest challenges of our time. By focusing on seawater, rather than solely the atmosphere, the researchers have opened up a new frontier in carbon removal that could eventually be scaled to global significance. That said, it’s clear that scaling something like this up will not be straightforward. The energy demands, potential ecological impacts, and cost considerations will all need to be carefully managed if SeaCURE and projects like it are to realise their full promise.

For UK businesses, particularly those operating in the green technology, energy, and marine sectors, SeaCURE’s early success could signal exciting new opportunities. Companies involved in renewable energy, carbon capture, and environmental monitoring, for example, may find themselves at the forefront of supporting or supplying future large-scale rollouts of this technology. Meanwhile, industries with significant carbon footprints could, in time, benefit from having new, credible carbon offset options grounded in science-backed marine solutions.

However, the implications extend far beyond business. Policymakers, environmental groups, and the wider public will all have a stake in how ocean-based carbon removal strategies develop. Ensuring that environmental safeguards are embedded from the start will be crucial in maintaining public trust and protecting the marine ecosystems we all depend on. As research continues and the pilot gathers more real-world data, SeaCURE’s work will provide invaluable lessons about what is possible, what is practical, and what must be handled with care.

While SeaCURE cannot replace the urgent need to slash emissions at source, it could well become a vital piece of the wider climate puzzle. If it does, it will have started not with grand fanfare, but with a small pipe under a beach in Weymouth, and a few determined scientists refusing to accept that the ocean’s vastness was beyond our ability to protect and restore.

LinkedIn is the undisputed king when it comes to business social media platforms so it makes sense to ensure your profile on their portal is top-notch. Here’s half a dozen ideas to keep your LinkedIn profile up to scratch.

[Note – To Watch This Video without glitches/interruptions, It may be best to download it first]

Backing up your chats? Make sure your backups are also encrypted. Otherwise, they could be accessed if your cloud account is compromised.

How to:

– Open WhatsApp and tap ‘Settings’.
– Go to ‘Chats > Chat Backup > End-to-End Encrypted Backup’.
– Tap ‘Turn On’ and create a password or use a 64-digit encryption key.
– Save your password safely. If you lose it, you won’t be able to restore your backup.

Pro-Tip: Encrypting backups ensures your messages stay private even if someone breaches your cloud storage.

Rising trade tensions from President Trump’s tariffs along with growing distrust between Washington and Brussels are prompting a push across Europe to reduce reliance on US cloud providers and take greater control of its own digital infrastructure.

Why Tariffs Are Turning Up the Heat

The Trump administration’s new trade measures from the US have targeted core European exports, e.g. cars, steel, aluminium and more, with talk of extending the approach to cover digital services and data regulations. While no direct levies on cloud usage have been announced (yet), the message appears to be that under President Trump, American dominance in critical digital sectors is no longer just a commercial issue but is also a geopolitical weapon.

This perceived risk now appears to be prompting businesses to rethink their infrastructure strategies. Concerns range from the financial (rising service costs from US firms) to the strategic (fear of service disruption or forced data access under US jurisdiction). At the heart of it all is a growing sense that depending on American hyperscalers (i.e. Amazon Web Services ‘AWS’, Microsoft Azure and Google Cloud) may no longer be a neutral or sustainable position.

A Market Still Dominated by the US

Currently, around 70 per cent of Europe’s cloud market is controlled by these three US-based companies. Although that dominance has long been cause for concern in Brussels, the shift in mood post-tariffs has been more dramatic than many expected.

As Benjamin Revcolevschi, CEO of OVHcloud, says: “We’re seeing a fundamental change,” and that “strategic autonomy is now firmly on the agenda for private companies and public institutions alike.”

OVHcloud, a French firm with 43 data centres across four continents, has reported a noticeable uptick in business since the tariffs hit the headlines. The trend is echoed across Europe, with other providers such as Germany’s IONOS, France’s Scaleway, Finland’s UpCloud, and Switzerland’s Exoscale all reporting increased interest from clients looking for alternatives to the American giants.

What European Cloud Providers Are Offering Instead

While European cloud firms can’t yet match the global scale or sprawling services of the US hyperscalers, it seems that they do offer something that’s become highly prized in today’s climate, i.e. control.

For example, European providers guarantee compliance with EU data protection laws like the GDPR, operate entirely under European jurisdiction, and are generally more transparent about data processing and localisation. For many businesses, that kind of reassurance looks like it’s starting to outweigh the convenience of sticking with US incumbents.

For instance, OVHcloud and Scaleway have both leaned into these advantages, offering not only infrastructure-as-a-service (IaaS) but also managed AI platforms, sovereign cloud certifications, and high-performance compute tailored for sensitive industries. As Alexander Samsig of Norwegian consultancy Funktive says, “In 2025, the choice of cloud provider isn’t just about technology or price,” adding that “it’s about values, sovereignty, and risk management.”

This shift in priorities now appears to have put Europe’s smaller providers in a strong position, especially as concerns grow around data access, espionage, and potential US-imposed restrictions on cloud operations.

Security, Compliance and Strategic Risk

Recent high-profile warnings from European governments, including the use of burner phones during US visits by EU officials, have stoked fears that American surveillance or legal overreach could place European corporate data at risk. The EU’s long-standing discomfort with the US CLOUD Act, which allows American authorities to access data stored abroad by US companies, has only added to the pressure.

It seems that these risks are no longer hypothetical. For example, several European IT consultancies and cloud migration firms report that client questions have evolved rapidly from technical performance to compliance guarantees and jurisdictional clarity.

“What we’re hearing from clients now is: where is our data held, who can access it, and what legal systems apply?” said Jonathan Bryce of the Open Infrastructure Foundation. “That’s a different kind of conversation—and a far more strategic one.”

Policy and Investment

Politicians are responding too. For example, France’s AI minister, Clara Chappaz, has called for stricter enforcement of European digital regulations and more ambitious public support for homegrown providers. She’s also taken aim at “sovereignty washing”, i.e. where US tech firms partner with EU companies in appearance only to skirt rules around ownership and control.

To tackle this, France has now introduced the SecNumCloud standard, which bars any cloud provider from certification if it is majority-owned by a non-European parent. The idea behind it is simply that digital sovereignty means local ownership, not just local servers.

That growing political support now appears to be translating into real investment. For example, French telecoms group Iliad recently pledged €3 billion for its AI and cloud infrastructure through subsidiary OpCore. The European Commission is also reviewing public procurement rules to ensure a “European preference” for cloud services in sensitive sectors like healthcare, defence, and AI.

Realistic Challenges Ahead

However, it’s likely that the road to this kind of sovereignty won’t be easy. Analysts estimate that building a fully autonomous European tech stack (encompassing cloud, AI, semiconductors, and connectivity) could cost up to €300 billion by 2035. In fact, some US-based think tanks even put the figure closer to €5 trillion, thereby highlighting the scale of the ambition.

There’s also the technical challenge of migration to consider, i.e. switching away from a US hyperscaler is rarely a quick job. Transitions of this kind can take months or years, particularly for large enterprises with legacy systems deeply integrated into AWS or Azure ecosystems.

That said, for some firms, urgency is forcing the issue, i.e. organisations that feel directly threatened by Trump’s policies may now be looking for immediate solutions, and with every new tariff or combative press conference from the Trump administration, the trickle of interest threatens to become more like a flood.

Knock-On Effects Across the Tech Sector

Cloud isn’t the only area affected. For example, the tariffs have brought fresh attention to Europe’s dependence on US-dominated sectors like fintech, AI, and semiconductors. EU central bankers and tech ministers have renewed calls for sovereign digital payment systems and European alternatives to platforms like Visa, Mastercard, and PayPal.

The regulatory environment is also shifting. Laws like the Digital Markets Act (DMA) and Digital Services Act (DSA) are pushing US Big Tech to play fairer in Europe and, in some cases, to rethink how they operate within the bloc entirely.

This matters for cloud too, as platforms that previously felt invincible are now facing scrutiny not just for competition concerns but for how they align (or fail to align) with Europe’s legal and ethical standards.

What This Means for Business Leaders

For UK and European business leaders, all of this seems to indicate that this is a decisive moment. Cloud services can no longer be treated as neutral utilities, they’re now seen as potential sources of risk or leverage in an increasingly divided world. The takeaway is that it may be time to diversify, not necessarily by abandoning US providers overnight, but by ensuring contingency plans are in place, reviewing data locality and control, and evaluating EU-based providers not just on cost, but on strategic value.

As Mark Boost of UK cloud provider Civo put it: “A sovereign European cloud could foster an ecosystem defined by fairness and transparency, where customers can choose freely—and safely.”

The tech world may not have changed overnight but it seems, thanks to Trump’s tariffs, Europe’s digital awakening just got a powerful new push.

What Does This Mean For Your Business?

For now, the big three US cloud providers still dominate Europe’s digital infrastructure but it feels like the balance of power may be starting to shift. What began as a trade dispute over steel and cars is now exposing deeper vulnerabilities in Europe’s technological foundations, and sparking long-overdue conversations about control, security, and resilience.

European cloud providers, while still dwarfed in size, are now gaining some traction by offering something their American rivals can’t, i.e. jurisdictional certainty, local accountability, and alignment with EU values. These things now appear to have more value than ever in an era where international politics can affect whether a company’s data stays accessible, or its digital operations stay online.

Although change now seems to be afoot, it won’t happen overnight. This is because moving away from hyperscalers is complex and costly. That said, the trajectory is becoming clearer. With rising public investment, tighter regulatory frameworks, and real business demand, Europe may now be starting to sketch out an alternative vision for its digital future, one less dependent on any single foreign power.

In the UK, firms operating in regulated sectors (or with sensitive client data) may now need to reassess their risk exposure and future-proof their cloud strategies. Diversifying providers, strengthening data governance, and exploring EU-based platforms could all become part of a more resilient digital toolkit. For IT leaders, procurement teams, and strategic planners, the question may no longer be if this matters, but how quickly they can adapt.

Also, for policymakers, investors, and the wider tech ecosystem, Trump’s tariffs may have done what years of white papers could not, which is to force Europe to confront its overreliance on foreign tech infrastructure and start building a competitive, sovereign alternative. If that momentum holds, it may not just reshape the cloud market but could also redefine the digital landscape across Europe.

In this Tech Insight, we look at the rise of AI voice cloning scams, how they work, how they’ve already cost UK businesses dearly, and what practical steps you can take to protect your team and finances.

A Convincing New Threat

Artificial intelligence (AI) has changed the game for fraudsters, affording them new and more sophisticated opportunities. For example, with as little as 10 seconds of recorded speech, scammers can now create eerily accurate replicas of someone’s voice, whether it’s your boss, a family member, or even your own voice!

All Too Real

Once the preserve of science fiction, AI-generated voice scams are now alarmingly real. For example, in one high-profile UK case, a CEO’s voice (of a UK energy firm – back in 2019) was cloned and used to trick an employee into transferring £200,000 to a fraudulent account. The call was convincing, urgent, and executed with chilling precision, with the result being that the money was gone in minutes.

Unfortunately, this certainly wasn’t a one-off. For example, it was clear from the beginning of 2024 that AI voice scams were on the rise across the UK and globally. For example, according to the FBI in the U.S., senior citizens there had lost $3.4 billion to fraud (in 2023), with AI making these scams more “believable and scalable.” Also, Starling Bank reports that over a quarter (28 per cent) of UK adults have been targeted by AI voice scams in the past year, yet nearly half remain unaware this type of fraud even exists. It seems, therefore, that the technology is outpacing public awareness.

When Did This Start?

While telephone scams have been around for decades, this new twist is voice cloning. Using generative AI tools (many of which are freely available) means fraudsters can replicate someone’s speech patterns, tone and even emotional inflection. The result is a synthetic voice so convincing that even close family members or long-standing colleagues may not detect the ruse.

Although high-profile cases date back to 2019 (as mentioned earlier), it’s only since 2022 that voice cloning has become truly accessible to scammers. For example, companies like ElevenLabs and Microsoft have demonstrated advanced text-to-speech models capable of near-human performance, and cybercriminals have been quick to adopt them.

How?

These scams typically begin with audio scraped from social media, corporate videos, or even voicemail greetings. A scammer feeds that audio into a cloning tool, crafts a script, and then makes a real-time phone call (or sends a voice message) that sounds like it’s from someone the victim knows and trusts.

The Anatomy of a Voice Scam

The aim of the scam is always the same, i.e. money or obtaining sensitive (valuable) information. Here’s a brief example of how this type of fraud often plays out:

– Reconnaissance. The attacker identifies a target, e.g. typically a finance employee or executive assistant. They gather personal or corporate audio from YouTube, LinkedIn, or company webinars.

– Cloning. The voice is synthesised using AI. This takes minutes, not hours.

– The call. A fake crisis is created. Perhaps the “CEO” is stranded abroad and needs urgent help wiring money. Perhaps a family member has been in an accident. The voice sounds real, and it’s filled with stress.

– The ask. Under pressure, the victim sends funds or divulges login credentials. The scammer hangs up. It’s already too late.

In a recent experiment by cybersecurity expert Jake Moore, a cloned voice convinced a financial director to transfer £250, all within 15 minutes of setup. While this was staged for demonstration, it proves how easily such scams can succeed.

Why Businesses Are Prime Targets

While consumers are vulnerable, it’s businesses (particularly SMEs) that face the most serious risk. Impersonating a family member might net a few thousand pounds, but impersonating a company executive could yield hundreds of thousands.

Cybercriminals also know that businesses often have looser verification standards than banks. An email might not raise suspicion and a familiar voice on the phone even less so. Also, scammers know that adding urgency can mean that routine checks can be bypassed and, because the voice on the line appears to be someone in authority (like the MD or FD), staff are often too intimidated to question it.

Practical Steps to Protect Your Business

Fortunately, there are some clear and actionable ways to reduce your risk. These include:

1. Introduce a verification protocol for financial requests

Never authorise a payment or password change based on a phone call alone. Always require secondary confirmation, ideally in writing via a known secure channel.

2. Create an internal code phrase system

Set up internal “safe words” for your senior staff members/leadership team. These can be used during sensitive calls or unexpected requests to prove identity. Ensure everyone knows never to share the code until it’s been requested.

3. Train your team to pause and question

Run short awareness sessions. Teach staff how to recognise red flags i.e., urgency, secrecy, requests to bypass usual procedures. As a good rule of thumb, if it feels off, check it out.

4. Use call screening and voice detection tools

Enable spam filtering and voicemail screening on business phones. There are now tools that analyse voices for signs of synthetic generation (although this tech is still developing).

5. Limit public audio exposure

Think twice before publishing unedited video or voice content of your executive team online. This is because cloning starts with access to audio. Therefore, the less you share, the safer you are.

6. Lock down social media accounts

Fraudsters don’t just steal voices, but they also scan for job titles, family names, and routines. Encourage employees to keep LinkedIn profiles professional and avoid sharing holiday plans or personal updates on public platforms.

What If You Suspect a Scam?

If you receive a suspicious call or voicemail, hang up and verify. Contact the person directly using a trusted number or through another platform. If a payment has been made, inform your bank immediately and report the fraud to Action Fraud (UK’s national reporting centre for cybercrime).

Also, consider submitting a report to the National Cyber Security Centre (NCSC) or your local police cyber unit.

A Human Problem, Not Just a Tech One

AI may be the tool, but emotion is the weapon. Scammers rely on panic, fear and split-second decisions. If your staff are prepared, trained and empowered to question, your business is far less likely to fall victim.

As Ben Colman, CEO of US-based deepfake detection company Reality Defender, puts it: “Any strategy that relies on detecting voice glitches is now outdated. You won’t hear the difference. You need process-based defences, not your ears.”

What Does This Mean For Your Business?

The rise of AI voice cloning scams is a clear warning sign that digital defences alone are no longer enough. This is because these attacks don’t break through firewalls or exploit software bugs but they exploit trust, urgency, and the human instinct to respond quickly in a crisis. That’s what makes them so dangerous, and so effective.

For UK businesses, especially SMEs, the implications are obviously serious. With increasingly accessible AI tools and huge volumes of voice data publicly available online, any organisation could find itself targeted and, with voice-based scams becoming more refined, even cautious staff can be caught off guard. The financial losses can be significant, but the reputational damage and operational disruption that follow may be just as damaging.

It’s worth noting that this is not just a technology issue – it’s a leadership one. Business owners, directors, and department heads need to recognise that if someone can sound like them on the phone, the usual rules of communication need to change. Setting up internal code words, creating structured verification processes, and training employees to pause before reacting are all small steps that can make a big difference.

Other stakeholders also have a role to play. For example, regulators will need to keep pace with how generative AI is being misused, while technology providers must consider safeguards that prevent voice models from being abused. Insurers, too, may need to begin scrutinising how businesses prepare for this specific type of fraud, just as they do with phishing or ransomware.

It’s likely that businesses that fare best will be those that treat this risk as both a technical and human challenge. The most advanced AI tools in the world won’t help if staff still believe that a familiar voice guarantees authenticity. Trust is no longer a voice on the other end of the line but is a process, backed by policies and shared across the team.

If your business hasn’t already had this conversation, then now may be a good time to start because, when the call comes in, it won’t be obvious that it’s fake, and that’s exactly the point.