Security News

Pyramid-scheme cryptocurrency scammers are exploiting Apple's Enterprise Developer Program to get bogus trading apps onto their marks' iPhones. They scammers are using a loophole that allows enterprise mobile device management programs to control corporate-owned iOS devices, according to Sophos' analysis, via Apple's Enterprise Developer program - specifically, the Apple Enterprise/Corporate Signature feature.

All those dubious excuses needed by traditional romance scammers to talk you into using wire transfer services to send money, or into buying them gift cards and sending through the redemption codes, are replaced by a sense of structure: there's a genuine app for this investment! The cryptorom scammers will even offer you an app if you have an iPhone, where Apple's "Walled garden" approach of requiring all consumer app downloads to come from the Apple App Store almost certainly persuades many victims that the cryptorom app must indeed have some sort of official authorisation or approval.

BEC scams use various tactics to compromise or impersonate business email accounts with the end goal of redirecting pending or future payments to bank accounts under a threat actor's control. One of the case examples in the indictment document seen by Bleeping Computer, mentions a single transaction of $356,954, sent by a victim in Boston to what they thought was the bank account of their business partner.

The Security Service of Ukraine has taken down a network of six call centers in Lviv, used by a ring of scammers to defraud cryptocurrency investors worldwide. Fraudsters behind these illegal call centers used VoIP phone numbers to hide their locations while scamming thousands of foreign investors.

Police have issued an urgent warning after an elderly man was scammed out of £30,000 by phone fraudsters pretending to be from BT. The incident happened last Thursday, prompting West Mercia Police to issue a bulletin warning people to be on their guard against suspicious phone calls. Once the app was downloaded, they then convinced the man to log in using his online banking details and thereafter to transfer a sum of money to another account for "Safekeeping."

This week, threat actors hijacked Bitcoin.org, the authentic website of the Bitcoin project, and altered its parts to push a cryptocurrency giveaway scam that unfortunately some users fell for. Bitcoin.org hacked to run 'double your money' scam.

" A scarily exploitable hole in Microsoft open source code. Memory lane: cool mobile devices from the pre-iPhone era.

A new Elon Musk-themed cryptocurrency giveaway scam called the "Elon Musk Mutual Aid Fund" or "Elon Musk Club" is being promoted through spam email campaigns that started over the past few weeks. Before you dismiss these scams, saying that no one falls for them, similar crypto scams have been hugely successful and have generated hundreds of thousands of dollars in the past.

An IT recruitment agency says a "Phishing scam" is behind a fake email sent to its customers with details on how to apply for a "Coronavirus Digital Passport." The email - sent to applicants and clients of Concept Resourcing, based in Dudley, England, on 14 September and seen by The Reg - claimed users could "Get your Digital Coronavirus Passports today" and showed recipients a big juicy link where they could do so.

The FBI warned today that a massive spike of online romance scams this year caused Americans to lose more than $113 million since the start of 2021. The scammers behind this type of online fraud trend - which can lead to significant financial losses and devastating emotional scars - use fake online identities to gain potential victims' trust on dating or social media platforms.