scammers Archives

AppWizard

December 22, 2025

Frogblight Malware Targets Android Users With Fake Court and Aid Apps

A new Android-based Trojan named Frogblight is targeting mobile users in Turkiye to steal funds from bank accounts. Identified by Kaspersky's Securelist in August 2025, it spreads through smishing, where scammers send deceptive SMS messages about legal court cases or financial aid. These messages often include links to download malicious applications disguised as legitimate support tools. The malware, which can conceal itself and deactivate on simulated devices or within the U.S., requests extensive permissions to access SMS messages and device storage. Once installed, it opens a legitimate government website to appear credible and injects JavaScript to record keystrokes during banking logins. Recent versions have added keylogging, contact list theft, and private call log collection. The malware has evolved to disguise itself as the Google Chrome browser and other tools, and its source code is available on GitHub, indicating it may be marketed as malware-as-a-service. Kaspersky advises users to avoid downloading APK files from untrusted sources and to scrutinize app permission requests.

Tech Optimizer

December 20, 2025

Identity Theft Protection vs. Antivirus: Where to Spend First

Antivirus software and identity protection services serve different purposes in digital security. Antivirus software protects devices from malware, offering real-time protection and scans, but it does not monitor personal information or financial accounts outside the device. In contrast, identity theft protection services monitor personal information like Social Security numbers and financial accounts, alerting users to potential identity theft and providing recovery assistance. The choice between these services depends on individual circumstances, with antivirus software recommended for device security and identity monitoring prioritized for those concerned about identity theft. Free strategies to enhance security include using free antivirus software, strong passwords, two-factor authentication, and regular updates to devices and software.

AppWizard

December 8, 2025

Android scam protection: How new screen sharing warnings and a 30-second pause safeguard bank app users from call scams | – The Times of India

Fraudsters are using screen sharing during phone calls to impersonate bank representatives and extract sensitive information from users, leading to unauthorized transactions. In response, Android has launched a pilot program in the U.S. to enhance user security against these scams. The program automatically detects when a call from an unknown number coincides with screen sharing on a banking app, displaying a warning and offering an option to end the call. This feature is available on Android devices running version 11 and above. It includes a 30-second pause before users can continue interacting with the call, disrupting the scammers' tactics. The feature was previously tested in the U.K., where it successfully helped users terminate risky calls and avoid financial losses. Major financial service providers, including popular fintech apps and banks, are supporting the U.S. rollout of this scam protection.

Winsage

December 5, 2025

Microsoft Silently Fixes 8-Year Windows Security Flaw

Microsoft addressed a critical vulnerability in Windows, identified as CVE-2025-9491, which had existed for nearly eight years and allowed cybercriminals to conceal malicious commands within .LNK (shortcut) files. This flaw was exploited by state-sponsored hacking groups from countries including China, Iran, North Korea, and Russia, with evidence of nearly 1,000 malicious shortcut files used in various campaigns. The vulnerability was initially downplayed by Microsoft, which stated it did not require immediate servicing. However, as exploitation increased, Microsoft eventually included a fix in its November 2025 Patch Tuesday updates, which was not publicly announced. The fix allows the entire Target command to be displayed in the Properties dialog, addressing the security risk. Research indicated that around 70% of campaigns exploiting this flaw were focused on espionage and information theft across multiple sectors.

AppWizard

December 4, 2025

Android now warns before you open banking apps during risky calls

Google is adding new in-call scam protection tools to Android for users in the United States. The feature warns users when they share screens with unknown numbers during financial app calls and includes a 30-second alert to prevent sharing sensitive banking details. This protection has already been rolled out in the UK, India, and Brazil and applies to calls involving banking applications and peer-to-peer payment platforms.

AppWizard

December 3, 2025

Android scam protection pilot pauses screen sharing after opening bank apps

Android is rolling out enhanced scam protection features in the United States to combat sophisticated social engineering tactics. For users on calls with unrecognized numbers, Android 11 and later versions will activate a warning when screen sharing is enabled while accessing banking applications. This warning appears as a pop-up with a red "End call now" button, which also terminates the screen-sharing session. The alert introduces a 30-second delay before users can proceed, disrupting scammers' tactics that create urgency. Earlier this year, this feature was tested in the UK, helping thousands of users avoid financial losses. The initiative is being piloted in the US in collaboration with fintech companies and major banks.

AppWizard

December 3, 2025

Google expands Android scam protection feature to Chase, Cash App in U.S.

Google is expanding its in-call scam protection feature for Android to include various banks and financial applications in the United States. This update supports fintech platforms like Cash App, which has 57 million users, and the JPMorgan Chase mobile banking app, with 50 million downloads on Google Play. The feature, initially launched in May and integrated into Android 16, alerts users when they are using a financial app during a call with an unknown number, warning them that the caller may not be legitimate. The alert remains visible for 30 seconds, allowing users to reassess the situation. The feature is compatible with Android 11 and later versions and was previously tested in the U.K., Brazil, and India. Users are advised to remain vigilant and avoid risky behaviors that could compromise their security.

AppWizard

December 2, 2025

Google’s new ‘Call Reason’ feature might just save you from ignoring the wrong call

Google is introducing a new feature called "Call Reason" in the Phone by Google app, currently in beta testing. This feature allows users to mark calls to saved contacts as urgent, indicating the call's importance before the recipient answers. The urgent label is displayed prominently on the incoming call screen and remains visible in the call history. The feature is limited to saved contacts to prevent misuse by scammers.

Tech Optimizer

December 2, 2025

When AI Breaks Bad: The Rise of Ransomware and Deepfakes

Artificial Intelligence (AI) is transforming the cybersecurity landscape by enabling sophisticated cyberattacks, such as ransomware and deepfakes. Ransomware has evolved from manual coding to AI-driven automation, making attacks more efficient and harder to stop. AI automates the targeting of victims by analyzing large datasets to identify vulnerabilities. Machine learning allows malware to change its form to evade detection, and ransomware can operate autonomously within networks. Phishing attacks have become more convincing through AI-generated messages that mimic real communications. Deepfakes can create realistic impersonations, leading to financial fraud and extortion, as demonstrated by a 2024 incident resulting in a million loss. Deepfakes also pose risks for manipulation and disinformation, affecting public perception and market dynamics. On the defensive side, AI is utilized in cybersecurity to detect and prevent attacks through anomaly detection, zero-trust security models, and advanced authentication methods. Human training and awareness are crucial for recognizing AI-generated threats. Effective defense requires regulations, shared accountability, and preparedness within organizations, including continuous monitoring and employee training. Collaboration between public agencies and private security firms is essential for a robust response to cyber threats.

AppWizard

December 1, 2025

Government warns WhatsApp, Telegram and other messaging apps: Within 90 days, make sure your app stops working if… – The Times of India

By February 2026, India's telecom authority will implement a SIM binding policy requiring users to continuously verify their registered SIM cards for messaging applications like WhatsApp to combat cyber fraud. Users will be logged out of web versions of these apps after six hours, necessitating re-authentication via QR code. Messaging platforms have a 90-day period to comply with this requirement, which means apps will stop functioning if the registered SIM is removed. The new regulations classify these platforms as Telecommunication Identifier User Entities (TIUEs), expanding regulatory oversight. Challenges may arise for travelers and multi-device users, as they may face difficulties maintaining access to services. Critics, including industry insiders, question the feasibility and effectiveness of the policy, calling it problematic and an overreach. Messaging platforms must comply by early 2026 to avoid regulatory consequences.