Warning: Scammers are using FaceTime to empty bank accounts


Apple is urging users to treat any suspicious FaceTime call or message as untrusted, especially if it involves payments, refunds, password resets, or requests for personal information.

This warning appears in a broader Apple support article about scams that target iPhone and iPad users through social engineering. Apple says attackers may contact people by phone calls, FaceTime, text messages, or emails while pretending to represent a trusted organization.

The advice comes as many users still delay installing security updates, leaving them exposed even after Apple has released security patches.

Read more…
Source:  Malware Bytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Carnival confirms ShinyHunters cruised off with 6M customer records after April breach

    May 28, 2026

    Carnival Corporation – the world’s largest cruise operator – has confirmed a digital heist, a month after hacking crew ShinyHunters claimed to have stolen millions of customers’ records. The breach, Carnival confirmed, stemmed from an April 14 social engineering attack on an employee, though the company declined to comment on the scale or name ShinyHunters. Read more… Source:  ...

  • Threat Actors Spoofing FIFA Websites in Advance of the 2026 World Cup

    May 27, 2026

    The FBI is issuing this Public Service Announcement (PSA) to warn the public that cyber threat actors are conducting spoofing attacks against the Fédération Internationale de Football Association (FIFA) website in advance of the 2026 FIFA World Cup. A spoofed website is designed to pose as a legitimate website, with branding, product listings, etc., and malicious ...

  • Industrial robots targeted by malware, which could open them up to hacking

    May 25, 2026

    A critical command injection vulnerability has been discovered in Universal Robots PolyScope 5, the operating system whucg powers the company’s collaborative robots. The flaw, tracked as CVE-2026-8153, carries a CVSS score of 9.8 and affects all software versions prior to PolyScope 5.25.1. This vulnerability could lead to complete compromise of the robot controller, affecting the confidentiality, integrity, and availability ...

  • Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload

    May 22, 2026

    In 2025, Kaspersky observed pervasive SSH tunnel activity, which has remained active into 2026, affecting many government organizations and commercial companies in Russia and Belarus. Behind some of this activity is Cloud Atlas, a group which was known  to Kaspersky researchers since 2014. During the investigation, the researches identified new tools used by this group, as ...

  • ROADtools and Nation-State Tactics in the Cloud

    May 22, 2026

    ROADtools is a publicly available toolkit for offensive and defensive security purposes that attackers have integrated into cloud attacks. The tool is designed to: Enumerate Entra ID Register devices in Entra ID Acquire, exchange and manipulate Microsoft Entra ID tokens ROADtools is an open-source framework written in Python and built for red-teaming and research. It primarily targets the identity and ...

  • Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns

    May 22, 2026

    Unit 42 researchers have observed evidence of cyberattacks by the Iran-nexus advanced persistent threat (APT) group Screening Serpens (aka UNC1549, Smoke Sandstorm and Iranian Dream Job). Based on Unite 42 visibility, researchers believe that the group targeted entities in the U.S., Israel and the United Arab Emirates, and likely two additional Middle Eastern entities. This research follows ...