Lower rates for creating unique passwords, buying items from known websites, and using protection software leave iPhone users at risk to online scams.

The smartphone wars have a winner, and it’s Android.

No, this isn’t about which device has the best camera, the snappiest processor, or the flashiest AI features—this is about which device _owners_ are safer online, and in many ways, it is Android users who take the crown. According to a new analysis from Malwarebytes, when compared to iPhone users, Android users share less of their personal information for promotional deals, more frequently use security tools, and more regularly create and manage unique passwords for their many online accounts.

They also, it turns out, fall victim to fewer scams.

This is the latest investigation into research conducted earlier this year by Malwarebytes that surveyed 1,300 people over the age of 18 in the US, the UK, Austria, Germany, and Switzerland. In the original report released in June, Malwarebytes revealed how mobile scams have become a part of everyday life for most everyone across the globe—and how far too many individuals have essentially given up on trying to fight back.

Now, Malwarebytes can reveal how iPhone and Android users differ when scrolling, shopping, and sending messages online. This secondary analysis has controlled for age, meaning that, while iPhone users did tend skew younger in the original data set, the differences identified here are more directly attributed to device type.

Here are some of the key takeaways:

*   Apple users are more likely to engage in risky behavior.
    *   47% of iPhone users purchased an item from an unknown source because it offered the best price, compared to 40% of Android users.
    *   41% of iPhone users sent a Direct Message (DM) on social media to a company or seller account to get a discount or discount code, compared to 33% of Android users.
*   Apple users take fewer precautions online.
    *   21% of iPhone users said they use security software on their mobile phones, compared to 29% of Android users.
    *   35% of iPhone users choose unique passwords for their online accounts, compared to 41% of Android users.
*   Apple users are more likely to be the victims of scams.
    *   53% of iPhone users have fallen victim to a scam compared to 48% of Android users.

Importantly, the behavioral splits here are largely device agnostic.

Android users are not scanning fewer QR codes and iPhone users are not failing to make unique passwords because their respective devices are somehow incapable. Instead, iPhone users are making worse decisions about buying things online and about staying safe from all types of cyberthreats—whether that includes phishing attempts, social engineering scams, or malware infections.

The reasons for this are complex and hard to identify, but Malwarebytes’ original research can provide a clue. Namely, iPhone users were slightly more likely than Android users (55% compared to 50%) to agree with the following statement:

> “I trust the security measures on my mobile/phone to keep me safe.”

That trust could have an adverse effect, in that iPhone users do not feel the need to change their behavior when making online purchases, and they have less interest in (or may simply not know about) using additional cybersecurity measures, like antivirus.

Whatever the reasons, there is room for improvement. As explained by Mark Beare, general manager of consumer business for Malwarebytes, staying safe online today cannot rely on any single platform, device, or operating system.

“Devices and operating systems are just gateways to apps and websites, and it’s often those online spaces that present cyber risks,” Beare said. “When those websites or apps serve malicious or deceptive content, it’s up to the user to decide what’s real, what’s a scam, and where they should or shouldn’t click.”

Here is where iPhone users should most pay attention when using the internet.

It’s getting harder to shop safely online.

For years, the cybersecurity industry warned people about the most obvious red flags when making a purchase or offering a donation online: Don’t click on unknown links, don’t share personal information, don’t send messages directly to strangers, and don’t scan QR codes that can lead to unknown locations. Behind all of these could lie malware, data theft, and even the slow start of a social engineering scam.

And yet, in the past few years, even legitimate businesses have asked everyday consumers to do these same, reckless things. Online stores ask that people send a Direct Message (DM) on social media for a discount code, or that they sign up their email or phone number for a promotional offer, or that they complete their payment by scanning a QR code, or that they track an upcoming delivery by clicking on a link sent via text.

Just because established businesses are leaning into these tactics does not make the tactics inherently safe, and unfortunately, iPhone users are pushing back the least.

According to Malwarebytes’ recent analysis, 63% of iPhone users signed up their phone number for text messages so they could get a coupon, discount, free trial, or other promotional offer, compared to the 55% of Android users who did the same. Similarly, 41% of iPhone users “sent a DM on social media to a company or seller account to get a discount or discount code,” compared to 33% of Android users.

Malwarebytes also found that 47% of iPhone users “purchased an item from an unknown website or supplier because it offered the best price,” compared to 40% of Android users.

In looking at the data, however, it is important to recognize that some of the behavior from iPhone users has been thrust upon them.

For example, 70% of iPhone users have “scanned a QR code to begin or complete a purchase.” Beginning in 2020, scanning a QR code became commonplace as restaurants across the world implemented several strategies to limit the spread of COVID-19. This practice isn’t the fault of iPhone users (or the 63% of Android users who have done the same), and they shouldn’t be “blamed” for what the world asked of them.

However, sharing a phone number, sending a DM to a stranger, and buying from unknown websites are decidedly not requirements today for making an online purchase. 

As Malwarebytes discussed on the Lock and Code podcast earlier this year, “data deals” in which consumers are asked to give up some of their privacy for a one-time discount are rarely, if ever, worth the cost. Separately, the most common start to a romance scam, job scam, or investment scam is through a DM sent on social media.

Though legitimate companies have co-opted these strategies to boost engagement and revenue, the public still have an opportunity to push back. If they do not, there is a real risk that these marketing tactics become so normalized that online scammers will find it easier to send malicious messages, disguise their intentions, and steal from innocent people.

****Not so pro(active)****

Ever since a devastatingly effective commercial was unveiled to the public some 20 years ago, there’s been a persistent belief that Apple devices are somehow impervious to viruses, malware, and all other nasty cyber infections.

The marketing ploy was wrong back then and it is still wrong today—Macs get plenty of viruses—but the damage is already done, and the consequences might be most visible in how iPhone users feel about traditional cybersecurity tools: In short, they don’t use them.

According to Malwarebytes’ new analysis, just 21% of iPhone users said they use security software on their mobile phone, compared to 29% of Android users. iPhone users were also less likely than Android users to use an ad blocker (19% of iPhone users compared to 27% of Android users).

The data gaps here are sometimes benign. The low use of “ad blockers,” in particular, should come as no surprise. These tools are mostly understood as add-ons for desktop and laptop versions of popular web browsers—such as Google Chrome, Microsoft Edge, and Mozilla Firefox. While many mobile browsers have ad blockers built in by default, this may not be known to the average user.

Also remember that, as smartphone ownership increases across the globe, so do the numbers on smartphone “dependency.” According to Pew Research Center, 15% of adults in the US _only_ have a smartphone to connect to the internet, meaning, perhaps, that 15% of people simply cannot access the same security and privacy tools that are developed predominantly for computers.

That said, the justifications for iPhone users start to fade when looking at one last number.

Only 35% of iPhone users “choose unique and strong passwords for accounts,” compared to 41% of Android users. Creating strong, unique passwords for online accounts is foundational to staying safe online, and it has only been made easier and more accessible over time.

For users who cannot remember a unique password for every account (which is every person alive), password managers are available—some for free—to help create, store, and recall as many strong passwords as needed. For users who do not trust a third-party password manager (understandably so), Apple released its “Passwords” app on iOS 18 nearly one year ago, making password management easier by default. And for users who don’t trust password managers (of which there are many), the antiquated practice of physically writing usernames and passwords in a private journal isn’t _that_ outlandish.

In short, there is little excuse for failing to create and use unique passwords for every online account, and that goes for Android users, too. The technology can be intimidating, but it’s worth the work.

****Security for all****

The measurably unsafe behavior of some iPhone users online comes with unfortunate, measurable consequences. The poor password hygiene, risky buying behavior, and limited antivirus protection are all paired with a higher overall rate of victimization—53% of iPhone users have fallen victim to a scam compared to 48% of Android users.

In the worst circumstances, these disparate rates could invite blame, but it’s the wrong conclusion to make. As any scam victim knows, the statistical analysis of victimization means absolutely nothing when you are personally trying to recover your money, your reputation, your private photos, and your sense of trust in the world around you.

Every person, no matter their device, should create unique passwords for individual accounts, use security products (which can also detect malicious websites and phishing schemes), and rely on friends and family when something doesn’t feel right online. And for those who want 24/7 guidance on strange messages, phone numbers, and more, there is always Malwarebytes Scam Guard to lead the way. Try it today.

 iPhone vs. Android: iPhone users more reckless, less protected online 

A woman in Florida was tricked into giving thousands of dollars to a scammer after her daughter's voice was AI-cloned and used in a scam.

A woman in Florida was tricked into giving thousands of dollars to a scammer after her daughter’s voice was AI-cloned and used in a scam.

Sharon Brightwell says she received a call from someone who sounded just like her daughter. The woman on the other end was sobbing and crying, telling her mom that she had caused a car accident in which a pregnant woman had been seriously injured. She said she’d been texting and driving and that her phone had now been taken by police.

> “There is nobody that could convince me that it wasn’t her. I know my daughter’s cry.”

A man claiming to be her daughter’s attorney then allegedly took over the phone. He told Sharon that authorities were detaining her daughter and that she needed to provide $15,000 in cash for bail. He gave very specific instructions on what to do, including not telling the bank what the large withdrawal was for since, he said, it might affect her daughter’s credit rating.

Sharon withdrew the money, placed it in a box, and a driver picked it up. But that wasn’t the end. A new call followed, informing her that the pregnant woman’s unborn child had died in the accident, but that the family had agreed not to sue Sharon’s daughter if she paid them $30,000 dollars.

Luckily for Sharon, her grandson didn’t trust the whole thing and decided to call her daughter’s number. That call was answered by her daughter who was at work, unaware of anything that had been going on.

By then it was too late for the $15,000.

> “My husband and I are recently retired. That money was our savings.”

Unfortunately, we’re hearing a lot of these and similar stories. So, what’s going on and how can we protect ourselves?

Cloning voices with AI has improved considerably over the years and has become easily available to everyone, including cybercriminals. Many of our voices are online, via video or audio that’s been posted to social media. In Sharon’s case, they believe the scammers used videos from Facebook or other social media to create the replica of her daughter’s voice.

AI-powered phone scams can range from brief, scripted robocalls to full conversations. Recent studies have shown that relying on human perception to detect AI-generated voice clones is no longer consistently reliable. I imagine it’s even harder to determine when the voice is made to sound stressful and upset and you believe it to be your child.

**How to stay safe from AI-generated voice scams**

*   Don’t answer calls from unknown callers and be careful about where you’ve posted audio and video online in which your voice features. It only takes a recording of a few seconds of your voice to create a convincing clone.
*   Agree on a family password that only you and your loved ones know. Don’t ever post or message about this online anywhere, decide on it in person and stick to it.
*   If you’ve forgotten the password, ask about a long-ago memory that hasn’t featured on social media. Be sure it is definitely your loved one that you are talking to.
*   Don’t try to handle situations like these alone. Find a friend, family member, friendly neighbor, or anyone who can sensitively give you their view, or support you if you’ve fallen for the scam. Sometimes having a second opinion, like Sharon’s grandson, can help to make you think twice before handing over any money.

And if you decide you don’t trust the situation:

*   Call the number you have for the relative or use other channels to contact them.
*   Whether you’ve fallen for the scam or not, report the incident to local authorities, the FTC, or relevant consumer protection bodies. Every report helps track and prevent future scams, and you may even help catch one of these criminals.

**We don’t just report on phone security—we provide it**

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

 &#8216;Car crash victim&#8217; calls mother for help and $15K bail money. But it&#8217;s an AI voice scam 

Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence and Security (MOIS) and have been distributed to targets by masquerading as VPN apps and Starlink, a satellite internet connection service offered by SpaceX.
Mobile security vendor Lookout said it discovered four samples of a surveillanceware tool it tracks

Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents

On this episode of Uncanny Valley, we dive into the differences between what the US government said about a Jeffrey Epstein video it released and the story told by its metadata.

How WIRED Analyzed the Epstein Video

Plus: Secret IRS data-sharing with ICE, a 20-year-old hackable vulnerability in train brakes, and more.

After reporting last week that the “raw” Jeffrey Epstein prison video posted by the FBI was likely modified in at least some ways (though there is no evidence that the footage was deceptively manipulated), WIRED reported on Tuesday that metadata analysis of the video shows approximately 2 minutes and 53 seconds were removed from one of two stitched-together clips.

The United States Department of Homeland Security is facing controversy over DNA samples taken from approximately 133,000 migrant children and teens that the department added to a criminal database. Meanwhile, researcher Jeremiah Fowler published findings this week that more than 2 GB of extremely sensitive adoption-related data—including information about biological parents, children, and adoptive parents—was exposed and publicly accessible on the open internet.

Roblox’s new Trusted Connections feature includes age verification that uses AI to scan teens’ video selfies and determine whether they can be granted access to unfiltered chatting with people they know. And as video deepfake capabilities mature—including AI tools that can even manipulate live video footage—AI “nudify” platforms are drawing millions of users and generating millions of dollars in revenue using tech from US companies.

And there’s more. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

**China’s Salt Typhoon Hackers Breached the US National Guard for Nearly a Year**

The Chinese state-sponsored hacking group known as Salt Typhoon has already shocked the US once with the revelation last year that it had deeply penetrated American telecom systems, even targeting the text messages and phone conversations of citizens including then-candidates Donald Trump and JD Vance in real time. Now it appears the group’s espionage has included the US military, and it spent much of the last year inside the network of the US National Guard in at least one state. NBC News this week reported on a DHS memo, obtained by the national security transparency nonprofit Property of the People, that warned the Chinese hacker group had breached that state-level National Guard network from March to December of last year. It didn’t identify which state had been targeted. According to the memo, Salt Typhoon’s access “likely provided Beijing with data that could facilitate the hacking of other states’ Army National Guard units, and possibly many of their state-level cybersecurity partners.”

**IRS Blueprint Reveals Secret Plan to Let ICE Pull Taxpayer Data in Real Time**

The Trump administration is developing a new digital system designed to grant Immigration and Customs Enforcement near-real-time access to sensitive data of taxpayers, including their home addresses. Internal blueprints, revealed by ProPublica on Tuesday, show that the system is designed to automate and expedite data exchanges “on demand,” bypassing traditional IRS safeguards that normally require case-by-case review and legal justification. The system represents a major shift in how IRS data is accessed, and it is already raising concerns among civil liberties experts who say the process may violate privacy laws and further accelerate ICE's ability to obtain tax data for deportation purposes.

**US Trains’ Brakes Can Be Hacked With a 20-Year-Old Security Vulnerability**

A zero-day vulnerability that allows a trains’ brakes to be triggered by malicious hackers is a troubling notion. A 7,300-plus-day vulnerability that leaves trains exposed to that brake hack is a shocking level of negligence for a piece of critical US infrastructure. The Cybersecurity and Infrastructure Security Agency last week released an advisory about a lack of authentication in a protocol that allows a device in the head of a train (HOT) to send a braking signal to another device in the end of a train (EOT) for coordinated braking across long trains such as freight trains. That meant that hackers could send their own unauthenticated commands to disrupt trains, shut down rail networks, or even cause derailments, one of the researchers credited in the advisory told SecurityWeek. The issue is made all the more egregious by the fact that the researchers discovered the vulnerability had first been reported in 2005 but was never taken seriously or fixed. Tens of thousands of the vulnerable HOT and EOT devices are set to be replaced in a process that will begin next year.

**Google Sues Creators of a 10-Million-Device TV-Based Botnet**

Hackers who want to build a botnet of malware-controlled internet-of-things devices can scour those devices for vulnerabilities—which are plentiful enough—and remotely exploit them. Or better yet, they can infect them before they’re even shipped. Google announced this week it would be filing a lawsuit against the administrators of the so-called BadBox 2.0 botnet, which consisted of 10 million Android-powered TVs that were somehow infected with malware before being sold to consumers. The botnet operators, which Google describes as Chinese cybercriminals, then sold access to those devices to be used as proxy machines or to fake advertising views in a vast click-fraud scheme. BadBox 2.0 “is already the largest known botnet of internet-connected TV devices, and it grows each day. It has harmed millions of victims in the United States and around the world and threatens many more,” Google’s complaint reads.

China’s Salt Typhoon Hackers Breached the US National Guard for Nearly a Year

Google on Thursday revealed it's pursuing legal action in New York federal court against 25 unnamed individuals or entities in China for allegedly operating BADBOX 2.0 botnet and residential proxy infrastructure.
"The BADBOX 2.0 botnet compromised over 10 million uncertified devices running Android's open-source software (Android Open Source Project), which lacks Google's security protections,"

Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices

Google has released an update for its Chrome browser to patch six security vulnerabilities including one zero-day.

Google has released an update for its Chrome browser to patch six security vulnerabilities, including one zero-day.

This update is crucial since it addresses one actively exploited vulnerability which can be abused when the user visits a malicious website. It doesn’t require any further user interaction, which means the user doesn’t need to click on anything in order for their system to be compromised.

The update brings the version number to 138.0.7204.157/.158 for Windows, Mac and 138.0.7204.157 for Linux.

The easiest way to update Chrome is to allow it to update automatically, but you can end up lagging behind if you never close your browser or if something goes wrong—such as an extension stopping you from updating the browser.

To manually get the update, click the more menu (three stacked dots), then choose **Settings** > **About Chrome**. If there is an update available, Chrome will notify you and start downloading it. Then all you have to do is reload Chrome in order for the update to complete, and for you to be safe from the vulnerabilities.

You can find more elaborate update instructions and the version number information in our article on how to update Chrome on every operating system.

**Technical details on the zero-day vulnerability**

Attackers can exploit the vulnerability tracked as CVE-2025-6558 by taking advantage of insufficient validation of untrusted input in Chrome’s ANGLE and GPU components. This flaw, which affects versions of Google Chrome prior to 138.0.7204.157, enables an attacker to craft a malicious HTML page and, upon convincing a user to open it, escape the browser’s security sandbox

ANGLE (Almost Native Graphics Layer Engine) is open-source software developed by Google that acts as a translator for graphics commands in browsers like Chrome. It helps your browser display complex graphics, such as 3D games or interactive web apps, and works on a wide range of computers and devices, even if they use different underlying graphics systems.

As an everyday user you may never see or even notice ANGLE directly, but it powers a huge part of the web experience. Especially 3D content in Chrome, Edge, and Firefox on Windows, Mac, and even Android.

Its universal role means that when a security issue is found in ANGLE, everybody using Chrome (and Chromium browsers) is potentially at risk.

An attacker only needs to present a target with an especially crafted HTML file, meaning they just need to lure them to a malicious website. HTML is just the code that makes up a web page.

The sandbox escape means that successful exploitation of the vulnerability not only affects the—sandboxed—browser, but can compromise the victim’s device.

Google’s Threat Analysis Group (TAG) has been credited with discovering and reporting the flaw on June 23, 2025. The TAG group focuses on spyware and nation-state attackers who abuse zero days for espionage purposes.

**We don’t just report on** **browser vulnerabilities**, Malwarebytes’ Browser Guard protects your browser against malicious websites and credit card skimmers, blocks unwanted ads, and warns you about relevant data breaches and scams.

 Chrome fixes 6 security vulnerabilities. Get the update now! 

BADBOX variant BADBOX 2.0 found preinstalled on Android IoT devices in 222 countries, turning them into proxy nodes used in fraud and large-scale malicious activity.

A new series of Android-based malware, BADBOX 2.0, is turning everyday smart devices into a botnet, often before they even reach users’ homes. The FBI has now flagged this malware as a global threat, and recent analysis from Point Wild’s Lat61 Threat Intelligence Team reveals over 1 million devices across 222 countries and territories have already been compromised.

Led by Dr. Zulfikar Ramzan, the Lat61 team traced the infection chain to its core: a native backdoor library named libanl.so, embedded deep within device firmware. The malware is designed to survive factory resets, carry out stealthy operations, and generate profit through hidden ad-click activity.

****Malware Hidden in Plain Sight****

What makes BADBOX 2.0 especially dangerous is how it spreads. It’s not just pushed through malicious downloads or fake apps. Many of the infected devices come preloaded or pre-installed with the malware straight from the factory. This means users are exposed from the moment they power on a new device.

BADBOX was first identified in October 2023, found in low-cost Android TV boxes that were compromising home networks. In the latest attack as well, most victims are users of low-cost Android-based IoT devices like generic-brand smart TVs, streaming boxes, digital projectors, or tablets, often purchased from online marketplaces and in some cases also available on Amazon. These devices are typically manufactured through unregulated supply chains and shipped worldwide without proper security checks.

Malicious T95 TV Boxes ready to be shipped through Amazon back in 2023 (Screenshot: Hackread.com)

****What the Malware Actually Does****

Once active, BADBOX 2.0 turns the device into a node in a residential proxy network. These nodes are then sold to criminal groups who use them to hide their tracks during click fraud, credential stuffing, and other types of cyberattacks.

According to Point Wild’s blog post shared with Hackread.com, the key components identified by analysts include:

*   **libanl.so**: A native backdoor that triggers malware modules on boot
*   **p.jar and q.jar**: Java modules responsible for downloading new payloads and maintaining persistence
*   **com.hs.app**: A system-level Android app that loads the backdoor
*   **catmore88(.)com and ipmoyu(.)com**: Command and control (C2) domains used to communicate with infected devices

The malware is capable of operating silently in the background. Victims may only notice symptoms like high CPU usage, overheating, sluggish performance, or unusual internet traffic when the device is idle.

****Stealth and Scale****

Point Wild’s telemetry shows infections spread across more than 222 countries, with many occurring out of the box. Users don’t need to download anything or click a malicious link. Just plugging in the device is enough to become part of a botnet.

What’s worse, the design allows for persistent access, encrypted communication with remote servers, and revenue generation through invisible ad-click modules, all without the user’s knowledge.

****Signs You Might Be Infected****

If your device feels sluggish, heats up unexpectedly, or shows signs of unusual internet activity even when idle, it might be infected. Other red flags include Google Play Protect being disabled or missing entirely, unfamiliar apps appearing on their own, or the device being from an off-brand manufacturer without verified firmware. These signs could point to malware like BADBOX 2.0 running silently in the background.

Users should also avoid buying unbranded or ultra-cheap devices from unknown sellers. Stick to manufacturers that offer ongoing firmware support and publish clear security documentation.

Remember, BADBOX 2.0 isn’t just some run-of-the-mill malware. It’s part of a large, coordinated operation that’s quietly turning cheap consumer devices into tools for cybercriminals, renting them out for fraud and other attacks.

The groups behind it are likely based in China, and what makes it especially dangerous is how deeply it’s embedded. Since the malware is often pre-installed during manufacturing, spotting or removing it is far more difficult than dealing with typical infections.

BADBOX 2.0 Found Preinstalled on Android IoT Devices Worldwide

A former US army colonel faces up to ten years in prison after revealing national secrets on a foreign dating app.

Even hard-headed military types can fall victim to romance scams, it seems. A former US army colonel faces up to ten years in prison after revealing national secrets on a foreign dating app.

David Slater was a retired colonel in the US army who took up work as a civilian at US Strategic Command, according to the Department of Justice. He spilled the beans on a foreign online dating app between February and April 2022. Russia invaded Ukraine in February 2022.

The DoJ’s indictment against Slater doesn’t reveal what app he used, but he talked to someone claiming to be a Ukrainian woman repeatedly via the app and email. The person, named as ‘co-conspirator 1’, called him ‘my secret information love’.

‘Co-conspirator 1’ whispered sweet nothings including “Beloved Dave, do NATO and Biden have a secret plan to help us?” which they sent in March that year. The following month, they sent “Sweet Dave, the supply of weapons is completely classified, which is great,” and “My sweet Dave, thanks for the valuable information, it’s great that two officials from the USA are going to Kyiv”.

The indictment said that Slater provided classified information about military targets and Russian military capabilities, even though he knew this could be damaging to the US.

The DoJ originally prosecuted Slater on three counts, covering conspiracy to disclose National Defense Information and the actual transmission of those secrets. He “willfully, improperly, and unlawfully conspiring to transmit National Defense Information classified as ‘SECRET’,” according to the indictment.

On Friday, Slater pleaded guilty to conspiracy. Under the plea deal, prosecutors have dropped the other two charges. Although he could still receive the maximum ten-year penalty, the government will recommend a sentence of between five and seven years in jail when sentenced on August 8.

Slater’s years of military experience meant he should have known better, said DoJ prosecutors. But this sad story shows just how powerful emotions can be in causing someone to cross personal and professional boundaries. It’s entirely possible, of course, that ‘co-conspirator 1’ was a legitimate love interest, but just as likely that they were working on behalf of a foreign state actor. No matter which, it was wrong to divulge secrets that might have put lives in danger.

So what can we learn from this? Most people reading this story won’t be privvy to such secrets, but many might be lonely, or know someone who is. Romance scammers target people desperate for affection and human connection. It makes it easier to scam someone when they’re eager to believe that you’re legitimate and telling them the truth.

For most romance scam victims, the target is money rather than state secrets. One in ten victims lose $10,000 or more. That’s why it’s important to continually check in on those in your life who may be vulnerable. Even those that you think are savvy and immune to scams might be at risk. Loneliness can make even the most skeptical person do some questionable things.

**We don’t just report on scans—we help detect them**

Cybersecurity risks should never spread beyond a headline. If something looks dodgy to you, check if it’s a scam using Malwarebytes Scam Guard, a feature of our mobile protection products. Submit a screenshot, paste suspicious content, or share a text or phone number, and we’ll tell you if it’s a scam or legit. Download Malwarebytes Mobile Security for iOS or Android and try it today!

 Dating app scammer cons former US army colonel into leaking national secrets 

Cybersecurity researchers have discovered a new, sophisticated variant of a known Android malware referred to as Konfety that leverages the evil twin technique to enable ad fraud.
The sneaky approach essentially involves a scenario wherein two variants of an application share the same package name: A benign "decoy" app that's hosted on the Google Play Store and its evil twin, which is

Tag

#android