scammers Archives

AppWizard

February 14, 2025

Android 16 will fight scammers by blocking certain features during phone calls

Google is developing a new security feature for Android 16 that will block changes to sensitive settings during phone calls to protect users from phone scams. This feature will prevent users from enabling sideloading permissions and granting accessibility access while on a call. A warning message will be displayed if users attempt to make such changes, informing them that these actions are prohibited during calls. The sideloading permission is disabled by default, but users can enable it through settings, except for those with Advanced Protection Mode activated. These security features are expected to be included in the public release of Android 16 later this year.

Tech Optimizer

February 3, 2025

Regularly Update Software and Devices: A Crucial Step in Crypto Security

Regularly updating software, wallets, operating systems, and antivirus programs is essential for cryptocurrency security. Updates patch vulnerabilities that hackers may exploit, safeguard against new threats, enhance compatibility with new features, secure operating systems, and improve phishing and scam prevention. Keeping hardware wallet firmware up to date is crucial for security and compatibility. Regular updates to antivirus software protect against malware that could compromise cryptocurrency. Establishing a routine for updates, enabling automatic updates, checking for manual updates, and backing up data before updating are recommended practices. Delaying critical updates increases exposure to security risks.

AppWizard

February 3, 2025

Google will now automatically revoke permissions from harmful Android apps

Google has introduced a new feature in its Play Protect service that automatically revokes permissions

AppWizard

February 3, 2025

Google can now auto-disable permissions from risky Android apps

Google Play Protect is enhancing security for Android devices by automatically disabling app permissions for potentially harmful applications, preventing access to sensitive information. Users can restore permissions but must confirm their decision, promoting caution. Play Protect scans all apps, including sideloaded ones, and blocks harmful applications based on threat levels, scanning over 200 billion apps daily. It also prevents users from disabling Play Protect during phone and video calls to combat social engineering scams. In 2024, Google blocked 2.36 million policy-violating apps and banned over 158,000 fraudulent developer accounts, introduced live threat detection for Pixel devices, and launched a verification badge for trustworthy VPNs.

Tech Optimizer

February 2, 2025

Microsoft thinks it could stop this dangerous scam forever

Microsoft has launched a new ‘Scareware blocker’ feature for Edge web browsers on Windows PCs, designed to enhance user protection against tech support scams. This machine learning threat detection software identifies signs of scareware in real-time and aims to reduce the prevalence of such scams, which cost victims millions annually according to the FBI. The technology analyzes new websites and uses a SmartScreen feature for global protection, processing information locally without uploading images to the cloud. When a potential threat is detected, Edge exits full-screen mode, stops aggressive audio playback, and alerts the user. Users can report malicious sites or inaccuracies to improve the model. The feature is available to all Edge users upon updating their browser.

AppWizard

December 24, 2024

Russian authorities reportedly weigh blocking messaging app calls

Russia's Digital Development Ministry and the federal censorship agency Roskomnadzor are considering changes to the regulation of voice calls through messaging apps to address rising fraud. They are evaluating a potential ban on such calls or restrictions on those originating from abroad, as around 40% of calls through these platforms are fraudulent, with 70% traced to foreign numbers. Telecom operators have expressed concerns about their inability to block these calls independently and are seeking collaboration with Roskomnadzor and messaging app developers. Roskomnadzor has the technological means to block calls if apps violate Russian law, but the Digital Development Ministry is not currently drafting regulations to restrict voice traffic on messaging apps and remains open to industry proposals.

Tech Optimizer

December 4, 2024

How hackers are using corrupted Microsoft Office files to fool everyone

Corrupted Microsoft Office documents and ZIP files are being used in a phishing campaign that evades antivirus detection, as reported by cybersecurity firm ANY.RUN. This tactic, active since at least August 2024, involves corrupting files to bypass email security protocols while allowing harmful content recovery. The documents are designed to avoid detection by email filters and antivirus software, using QR codes to direct users to fake Microsoft account login pages. Analysis shows these attachments often do not trigger alerts on VirusTotal, as they exploit Microsoft Word and WinRAR's recovery features. This method is categorized as a potential zero-day exploit, aiming to deceive users into opening the files and activating the QR codes for credential harvesting or malware delivery. Security experts stress the importance of user awareness and training to identify phishing attempts, while organizations are enhancing email filtering to detect file corruption patterns. The rise of QR code phishing, or "quishing," adds complexity, as many users are unaware of the risks of scanning codes.

AppWizard

December 3, 2024

SpyLoan Android malware on Google Play installed 8 million times

A recent investigation by McAfee identified 15 SpyLoan Android malware apps on Google Play, which collectively received over 8 million installs, mainly targeting users in South America, Southeast Asia, and Africa. These apps disguised themselves as legitimate financial tools, enticing users with false promises of quick loan approvals. Upon installation, users were required to validate their location and submit sensitive personal information. The malware harvested extensive data from users' devices, including SMS messages, GPS locations, and contact lists. Users who secured loans faced high-interest payments and harassment from the operators, who sometimes contacted the borrowers' family members. Notable apps included Préstamo Seguro-Rápido and Préstamo Rápido-Credit Easy, each with 1,000,000 downloads. Despite Google's app review processes, these malicious apps evaded detection. Users are advised to read reviews, check developer reputations, limit app permissions, and activate Google Play Protect.

AppWizard

November 30, 2024

SpyLoan Android apps on Google play installed 8 million times

A recent investigation by McAfee revealed the existence of 15 SpyLoan applications on Google Play, which have collectively received over 8 million installs, primarily targeting users in South America, Southeast Asia, and Africa. These apps were removed from the Play Store following their discovery, but they highlight ongoing challenges in addressing digital threats. The last significant cleanup of similar SpyLoan applications occurred in December 2023, when over a dozen apps with 12 million downloads were taken down. SpyLoan applications pose as legitimate financial tools, offering misleading loan approvals and coercing users to provide sensitive personal information after validating their identity through a one-time password. They exploit device permissions to access extensive sensitive information, including contact lists, SMS messages, and location data, which are used in extortion schemes. Users who secure loans often face high-interest repayments and harassment from operators, with some scammers contacting borrowers' family members for further pressure. The eight most popular SpyLoan applications include: - Préstamo Seguro-Rápido, Seguro - 1,000,000 downloads (Mexico) - Préstamo Rápido-Credit Easy - 1,000,000 downloads (Colombia) - ได้บาทง่ายๆ-สินเชื่อด่วน - 1,000,000 downloads (Senegal) - RupiahKilat-Dana cair - 1,000,000 downloads (Senegal) - ยืมอย่างมีความสุข – เงินกู้ - 1,000,000 downloads (Thailand) - เงินมีความสุข – สินเชื่อด่วน - 1,000,000 downloads (Thailand) - KreditKu-Uang Online - 500,000 downloads (Indonesia) - Dana Kilat-Pinjaman kecil - 500,000 downloads (Indonesia) Despite Google's app review mechanisms, SpyLoan applications continue to evade detection. Users are advised to read reviews, check the developer's reputation, limit app permissions, and activate Google Play Protect to mitigate risks.

Winsage

November 29, 2024

Breach Roundup: Microsoft Tries Again With Windows Recall

Microsoft has unveiled a preview of its Windows Recall feature, designed to capture screenshots of active windows using on-device AI and store them in an SQLite database. The feature will be opt-in and requires users to enable BitLocker full-disk encryption, activate Secure Boot, and enroll in Windows Hello. Recall aims to avoid capturing sensitive information and allows users to delete snapshots or exclude specific applications. Microsoft has implemented safeguards to protect against brute-force attacks, and the data collected remains encrypted locally. The preview is currently available to participants in the Windows Insider Program for Developers. The U.S. Federal Trade Commission (FTC) reported that nearly 90% of smart device manufacturers lack clear update policies, with 161 out of 184 products reviewed not disclosing software update durations. This lack of transparency may violate the Magnuson-Moss Warranty Act and the FTC Act. Ping Li, a Florida IT professional, was sentenced to four years in prison for acting as an agent for China's Ministry of State Security, providing sensitive information since at least 2012. He pleaded guilty and was fined ,000. Operation "Serengeti" led to the arrest of over 1,000 individuals suspected of cybercrime across 19 African countries, resulting in nearly million in financial losses and the confiscation of around million in stolen funds. The U.S. Department of Justice indicted nine individuals linked to a multi-state money laundering scheme associated with internet fraud, allegedly laundering over million since 2016. NVIDIA released a critical firmware update to address a high-severity vulnerability (CVE-2024-0130) that could allow attackers to steal data and compromise systems. Cybersecurity firm McAfee discovered "spyloan" Android apps on the Google Play Store that aim to steal users' personal data, targeting users in Mexico, Colombia, and Indonesia. An international law enforcement operation dismantled a pirate streaming network serving over 22 million users and generating approximately million monthly, resulting in 102 arrests. Nicholas Michael Kloster, a 31-year-old from Kansas City, was indicted for allegedly hacking into computer networks to promote his cybersecurity services, facing multiple charges with a potential 15-year prison sentence. HDFC Life Insurance in India is investigating a potential data breach involving the sharing of certain data fields with malicious intent.