deceptive websites

AppWizard
October 3, 2025
ESET researchers have identified two Android spyware campaigns targeting users in the UAE, disguised as the messaging applications Signal and ToTok. The first spyware family, Android/Spy.ProSpy, poses as upgrades for these apps, while the second, Android/Spy.ToSpy, specifically targets ToTok users. Neither malware family was found on official app stores; both were distributed through phishing websites. The ProSpy campaign, active since 2024, uses deceptive sites to offer malicious APK files as enhancements. The ToSpy campaign, traced back to mid-2022, targets ToTok backup files and is still ongoing. Both spyware types collect extensive data, including contacts and SMS messages, and maintain persistent background operations. Google Play Protect offers some defense against these threats, and users are advised to avoid unofficial app installations.
AppWizard
October 2, 2025
Recent investigations by cybersecurity firm ESET revealed that new spyware campaigns in the UAE are targeting messaging apps. Two Android spyware campaigns, named ProSpy and ToSpy, are disguised as popular communication tools—Signal and ToTok. These spyware programs infiltrate devices through deceptive websites and unofficial app stores, enabling the theft of sensitive data such as files, contacts, and chat backups. The spyware reloads legitimate apps to create an illusion of authenticity. ESET identified command-and-control servers indicating that the ToSpy campaign is still active, and these spyware-laden apps can only be installed manually via third-party websites. The ToSpy malware was detected in June, with origins traced back to 2022, while the ProSpy campaign was also identified in June, potentially starting in 2024. Both campaigns utilize malicious Android Application Packages (APKs) disguised as enhancements to original applications.
AppWizard
October 2, 2025
ESET Research has identified two new families of Android spyware: Android/Spy.ProSpy and Android/Spy.ToSpy. These malware campaigns target users of secure communication apps, specifically Signal and ToTok, and are distributed through deceptive websites and social engineering, primarily focusing on residents of the United Arab Emirates (UAE). Android/Spy.ProSpy poses as upgrades for the Signal and ToTok apps, while Android/Spy.ToSpy targets ToTok users exclusively. Both spyware families require manual installation from unofficial sources, as they are not available in official app stores. The ProSpy campaign was first noted in June 2025 but is believed to have been active since 2024, using misleading websites to distribute malicious APKs. ESET's findings indicate that the ToSpy campaigns are still ongoing, with command-and-control servers still operational. Once installed, the spyware collects sensitive data, including contacts, SMS messages, and files. Users are advised to be cautious when downloading apps from unofficial sources and to avoid enabling installations from unknown origins.
AppWizard
October 2, 2025
Cybersecurity researchers have identified two Android spyware campaigns, ProSpy and ToSpy, targeting users in the United Arab Emirates by impersonating popular applications like Signal and ToTok. These malicious applications are distributed through deceptive websites and social engineering tactics, requiring manual installation from third-party sites. The ProSpy campaign, active since 2024, uses misleading sites to host compromised APK files marketed as upgrades to Signal and ToTok. The ToSpy campaign, initiated around June 30, 2022, also employs counterfeit sites to deliver malware. Both spyware variants aim to steal sensitive data, including contacts, SMS messages, and files. The ProSpy app, ToTok Pro, contains a button that redirects users to the legitimate ToTok download page, while the Signal Encryption Plugin misleads users into downloading the genuine app. Both spyware types exfiltrate data before user interaction and maintain persistence through a foreground service and Android's AlarmManager. ESET is tracking these campaigns separately due to their different delivery methods, and the identities of those behind the activities remain unknown. Users are advised to be cautious when downloading apps from unofficial sources.
AppWizard
October 2, 2025
ESET researchers have identified two Android spyware campaigns, Android/Spy.ProSpy and Android/Spy.ToSpy, targeting users of secure messaging apps like Signal and ToTok. These spyware families are distributed through deceptive websites and social engineering tactics, requiring manual installation from unofficial sources. The ProSpy campaign, operational since 2024, uses fraudulent websites to distribute malicious APKs disguised as a Signal Encryption Plugin and ToTok Pro, particularly targeting users in the UAE. The ToSpy campaign, discovered in June 2025, also targets users in the UAE, utilizing fake distribution sites impersonating the ToTok app. Both spyware types request access to contacts, SMS messages, and files, exfiltrating sensitive data in the background. ESET advises users to be cautious when downloading apps from unofficial sources.
AppWizard
July 23, 2025
Security researchers at Trustwave SpiderLabs have identified a complex cluster of Android malware that combines click fraud, credential theft, and brand impersonation. This malware exploits the Android Package Kit (APK) file format to distribute malicious applications, often through phishing messages or deceptive websites. Users are tricked into installing these APKs, which are disguised as reputable brands or promotional apps. Once installed, the malware takes advantage of Android's permission model to access sensitive resources, primarily for click fraud and traffic redirection to generate illicit revenue. Some variants engage in data collection and credential harvesting, employing advanced evasion tactics to avoid detection, such as using counterfeit Chrome applications and overlay screens. A notable variant includes a spoofed Facebook app that mimics the official interface and connects to a remote command-and-control server for instructions. The malware uses encryption and encoding to secure data exchanges and employs open-source tools to bypass Android's signature verification. Evidence suggests that the operators may be Chinese-speaking, as indicated by the use of Simplified Chinese in the code and the promotion of related APK campaigns on Chinese-speaking underground forums.
Tech Optimizer
March 18, 2025
Malware peddlers are targeting users searching for free file converter services, as reported by the FBI’s Denver Field Office. Cyber criminals use deceptive websites that promise file conversion but may deliver malware, allowing unauthorized access to victims' computers and extracting personal identifying information (PII), banking details, and passwords. Users are advised to keep antivirus software updated and scan downloaded files. A list of flagged domains includes:
- Imageconvertors[.]com (Phishing)
- Convertitoremp3[.]it (Riskware)
- Convertisseurs-pdf[.]com (Riskware)
- Convertscloud[.]com (Phishing)
- Convertix-api[.]xyz (Trojan)
- Convertallfiles[.]com (Adware)
- Freejpgtopdfconverter[.]com (Riskware)
- Primeconvertapp[.]com (Riskware)
- 9convert[.]com (Riskware)
- Convertpro[.]org (Riskware)

Users affected by malware are encouraged to contact their financial institutions and change passwords.
Tech Optimizer
December 3, 2024
AV-Comparatives conducted an evaluation of phishing protection in 2024, examining 1,000 phishing URLs across four quarterly assessments. Avast and McAfee achieved detection rates of 95%, though McAfee had a higher incidence of false positives. The evaluation included various antivirus programs and web browsers, with Avast leading the final quarterly test with a 95% detection rate on 250 phishing URLs. Other notable performers included Bitdefender, Kaspersky, McAfee, and Trend Micro, with G Data and Kaspersky also scoring above 90%. Phishing remains a significant cyber threat, leading to potential financial losses and identity theft. AV-Comparatives is an independent testing laboratory recognized for its assessments of cybersecurity products.
Tech Optimizer
October 25, 2024
This article discusses various antivirus software options available for purchase, highlighting their features and discounts.
- NortonLifeLock 360 Deluxe is 61% off, supports multiple devices, offers 50GB of cloud backup, includes a VPN, Dark Web Monitoring, a password manager, and Smart Firewall.
- Malwarebytes 4.0 Complete Protection is 50% off, compatible with three devices, features quick scans, customizable protection levels, and uses AI for threat detection.
- BitDefender Premium Security is 30% off, protects multiple devices, includes advanced threat detection, a secure VPN, anti-tracker extension, and privacy features like microphone and webcam protection.
- McAfee McAfee+ Advanced is 55% off, provides identity monitoring, up to million in identity theft coverage, a firewall, secure VPN, password manager, file shredder, and parental controls.