fraud Archives

AppWizard

April 10, 2026

Kazakhstan Considers National Messaging App Aitu for Insurance Companies – The Times Of Central Asia

Kazakhstan’s Agency for Regulation and Development of the Financial Market is considering the domestic messaging platform Aitu for communication between insurance companies, non-bank financial institutions, and their clients. The regulator has encouraged market participants to assess Aitu as a communication tool aimed at enhancing personal data protection. Concerns have been raised about Aitu’s user base, functionality, integration costs, and the absence of clear regulatory guidelines for handling personal and financial data. The adoption of Aitu is not mandatory but is seen as a potential secure communication channel. Aitu’s infrastructure supports high data protection due to localized servers in Kazakhstan, which reduces risks of cross-border data issues. The platform features end-to-end encryption and biometric identification through Aitu Passport, aiming to enhance user verification and minimize phishing and identity theft risks. The agency noted that open APIs and business dashboards could allow financial institutions to integrate with Aitu cost-effectively. Additionally, government agencies and quasi-state companies have been encouraged to use Aitu for official communications.

AppWizard

April 3, 2026

Russian officials discover fraudsters in Minecraft – they are using children in their schemes

Fraudsters are exploiting in-game chats in Minecraft to deceive young players, particularly in Russia. They initiate contact with children in the game, then move the conversation to Telegram, posing as "cybersecurity officers" and claiming that the children have shared sensitive information. They threaten detention to coerce minors into stealing money from their parents to give to couriers. Authorities have issued warnings to raise awareness among children and parents about these deceptive tactics.

Tech Optimizer

April 1, 2026

EDB Postgres AI for WarehousePG: Reclaiming control of the enterprise data warehouse

Many enterprises are transitioning from traditional proprietary data warehouse platforms, such as Teradata and Snowflake, due to issues like vendor lock-in, unpredictable pricing, and limited flexibility. EDB Postgres® AI (EDB PG AI) offers WarehousePG, an open-source, petabyte-scale data warehouse built on Postgres, designed to provide control, predictability, and data sovereignty while maintaining performance. WarehousePG utilizes a massively parallel processing (MPP) architecture, allowing it to efficiently execute complex queries across large datasets. It offers predictable performance without proprietary constraints, enabling organizations to avoid vendor-controlled execution engines. WarehousePG supports hybrid storage and SQL access to external data lakes through the Platform Extension Framework (PXF), simplifying ETL processes. It includes FlowServer for real-time data ingestion and supports in-database AI and machine learning, allowing for advanced analytics without transferring data outside the warehouse. The platform is engineered for high availability and enterprise readiness, with features like workload management and observability. Migration from legacy platforms is facilitated through a low-risk modernization pathway. Overall, WarehousePG provides a modern alternative to traditional data warehouses, emphasizing architectural control and open-source economics.

AppWizard

March 30, 2026

Google Significantly Restricts Popular Android Feature

Google is transforming the Android operating system to enhance security by imposing stricter regulations on app distribution, particularly affecting sideloading. Developers will be categorized as verified or unverified, with registered developers benefiting from a streamlined app distribution process. New regulations will introduce a four-step process for installing apps from external sources, including a 24-hour timer before installation. This aims to deter fraud but may discourage users from pursuing alternative apps. The restrictions could limit opportunities for independent developers and reduce the diversity of available applications on the platform, shifting Android towards a more controlled environment.

AppWizard

March 24, 2026

Russia pushes unencrypted Max messenger as WhatsApp, Telegram face restrictions

The Max messenger app, launched by VK in March 2025, has gained popularity in Russia, particularly as the government restricts messaging apps like WhatsApp and Telegram. The app combines messaging, social media, government services, digital identification, and banking. President Vladimir Putin supports it as a means to achieve "technological sovereignty," and a law designates Max as a "national multifunctional messenger." Digital Development Minister Maksut Shadayev has promoted Max, which is also featured prominently on state television. Although not mandatory, there is significant pressure on citizens to use it, with schools and corporations transitioning communications to Max. As of March, the app surpassed 100 million users and is on Russia's "white list" of digital services that remain operational during internet blackouts. Since September, it has been pre-installed on all phones and tablets sold in Russia, with the RuStore app store being mandatory for Apple devices. Max does not offer end-to-end encryption, and user data is stored on Russian servers, with policies allowing data sharing with authorities. Critics, including the Budushcheye political movement, express concerns about surveillance and the app's functionality as a "digital trap." Despite government assurances, disruptions on Telegram and WhatsApp have been reported, with limitations on calls initiated by the government citing non-cooperation from these foreign-owned services.

AppWizard

March 23, 2026

FBI Warns of Russian Hackers Targeting Messaging Apps – The Advocate-Messenger

The FBI has issued a warning about phishing campaigns conducted by cyber actors linked to the Russian Intelligence Services (RIS), which target commercial messaging applications (CMAs). These actors have compromised numerous individual accounts, focusing on individuals with significant intelligence value, such as U.S. government officials and journalists, without breaching the encryption of the applications. The campaigns have allowed unauthorized access to private messages, contact lists, and the ability to send deceptive messages. Users of CMAs, especially Signal, are particularly targeted. The phishing tactics involve disguising messages as communications from automated CMA support, leading victims to click malicious links or provide sensitive information. To mitigate risks, users are advised to enhance their cybersecurity measures, remain vigilant, and follow best practices such as scrutinizing links, verifying group chats, and reporting suspicious activity to the Internet Crime Complaint Center or local authorities.

AppWizard

March 20, 2026

Google eases Android app sideloading rules after

Google is implementing a policy change to allow easier installation of Android applications from sources outside its Play Store, following an antitrust settlement. This includes an "advanced flow" option that lets users bypass mandatory app verification safeguards through a structured process. The changes aim to balance user choice with protections against scams and malware risks. Previously, Google required all Android applications to be registered by verified developers to mitigate risks like malware and fraud. The new process requires users to enable developer mode, restart their devices, and undergo a waiting period of up to 24 hours before verifying their identity with biometrics or a PIN to install apps from unverified developers. Users can install these apps temporarily for up to seven days or indefinitely, with ongoing warning prompts. Additionally, Google is offering free, limited app distribution accounts for students and hobbyists to share apps without full developer verification.

AppWizard

March 20, 2026

Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams

Google has introduced a new "advanced flow" for Android sideloading, which includes a mandatory 24-hour waiting period for users installing applications from unverified developers. This follows a developer verification mandate requiring all Android applications to be registered by verified developers to help identify malicious actors and reduce malware distribution. The new sideloading protocol aims to mitigate risks from cybercriminals who may deceive users into disabling Play Protect, Google's anti-malware feature. Over 50 app developers and marketplaces, including F-Droid and Brave, have expressed concerns about the registration requirements, arguing they could create barriers and raise privacy issues. Google has outlined a one-time process for sideloading apps, which includes enabling developer mode, confirming voluntary sideloading, restarting the device, waiting 24 hours, and using biometric authentication or a PIN to install apps. Google plans to introduce free "limited distribution accounts" for hobbyist developers and students to share apps with up to 20 devices without needing government-issued IDs or registration fees. This process will not apply to installations via the Android Debug Bridge (ADB) and is set to be available in August 2026, ahead of new developer verification requirements. This announcement comes as a new Android malware, Perseus, targets users in Turkey and Italy, with at least 17 distinct Android malware families identified in the past four months.

AppWizard

March 20, 2026

Google introduces a new way for users to sideload Android apps that still protects against scams

Google has announced a new "advanced flow" setting that simplifies the process for Android users to install applications from sources outside the Play Store by allowing them to disable a verification requirement. This change responds to user demand for more flexibility in app installation, despite the associated risks of unverified applications. Previously, Google required all Android apps to be registered by verified developers to prevent malware and fraud. The new setting involves enabling developer mode, followed by a verification check to ensure users are not being scammed, a phone restart, and a protective waiting period of one day before confirming the change. Users can choose to enable the option to install apps from unverified developers for seven days or indefinitely, with a warning provided for unverified apps. Additionally, Google is offering free distribution accounts for students and hobbyists to share apps with a small group without ID verification. These changes follow a legal settlement with Epic Games, resulting in reduced Play Store commissions to 20% on in-app purchases.

AppWizard

March 19, 2026

RUSSIA Mammut virus hits Russia’s patriotic messaging app

A virus known as Mamont is targeting users of the messaging platform Max, which has 100 million registered profiles. Mamont infiltrates online banking applications and spreads primarily through family and parental chat groups, allowing cybercriminals to steal payment information. The virus often begins with a deceptive message prompting users to click, leading to the silent download of a Trojan that siphons off data. Despite claims from the Max press service that the virus's spread is exaggerated, concerns remain about the security of user data, particularly given that all communications on Max are monitored by the state. Many users resort to using a second device, referred to as Maxofon, to comply with the platform's requirements while keeping their primary device for other applications.