Warning: Scammers are using FaceTime to empty bank accounts


Apple is urging users to treat any suspicious FaceTime call or message as untrusted, especially if it involves payments, refunds, password resets, or requests for personal information.

This warning appears in a broader Apple support article about scams that target iPhone and iPad users through social engineering. Apple says attackers may contact people by phone calls, FaceTime, text messages, or emails while pretending to represent a trusted organization.

The advice comes as many users still delay installing security updates, leaving them exposed even after Apple has released security patches.

Read more…
Source:  Malware Bytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • CAI cloud worm gives competitors’ malware the boot, then steals secrets and mines for coin

    July 7, 2026

    There’s no honor among thieves as a new worm steals from other infectious software. It pilfers “multiple” victims’ credentials and mines for cryptocurrency while killing competitors’ processes, including similar secret-harvesting malware. It’s called Cloud AI Infrastructure Attack Framework (CAI), and it’s a centralized botnet that targets cloud-native developer tools like Docker, Kubernetes, Redis, etcd, Kubelet, and ...

  • Fake Netflix, Coca-Cola, and FIFA job scams target marketers

    July 7, 2026

    Attackers are impersonating major companies and recruiters to target marketing professionals, using trusted services and browser tricks to make the scam look legitimate. A BleepingComputer article detailing the campaign found at least 34 domains impersonating high-value companies, including Netflix, Coca-Cola, Adidas, and FIFA. The lure is a fake job interview or scheduling request from a “recruiter” representing one of ...

  • Hacktivists call out Trump by hacking and defacing US Army websites

    July 7, 2026

    The U.S. Army has reportedly fixed two of its websites that had been defaced to display pro-Kurdish messages and to call out President Donald Trump, the latest case of hackers compromising systems run by the federal government in recent months. Security researcher Ronald Lovelace told Cyberscoop, which first reported the defacements, that error pages were modified on two U.S. Army ...

  • When checking the URL isn’t enough: a Device Code Phishing attack via a Microsoft website

    July 6, 2026

    One of the most common pieces of anti-phishing advice is to double-check the website’s domain name before providing your credentials. Typically, a fraudulent domain stands out to the trained eye, differing from the official URL by at least a few characters. Recently, however, Kaspersky encountered a campaign where attackers instruct victims to input data directly ...

  • Canadian spy agency says it hacked drug traffickers, extremists, and a ransomware gang last year

    July 6, 2026

    Offering a rare glimpse at the priorities of a top spy organization, Canada’s Communications Security Establishment (CSE) said it conducted a handful of state-authorized hacks last year in order to disrupt the operations of drug traffickers, violent extremists, and a ransomware gang. The disclosures in the Canadian intelligence agency’s annual report underscore some of the main national security ...

  • Fake IT bods on Microsoft Teams coax workers into installing malware

    July 6, 2026

    Cybercriminals are using fake IT support calls on Microsoft Teams to persuade employees to surrender control of their PCs before installing the EtherRAT remote access trojan, according to researchers at Palo Alto Networks’ Unit 42. Victims receive a phishing email disguised as an employee survey before a follow-up Microsoft Teams call from someone claiming to be IT ...