A week in security (July 28 – August 3)

Last week on Malwarebytes Labs: Apple ID scam leads to $27,000 in-person theft of Ohio man OpenAI kills "short-lived experiment" where ChatGPT chats could be found on Google Trump Administration and Big Tech want you to share your health data Prison visitor details shared with all inmates at...

Apple ID scam leads to $27,000 in-person theft of Ohio man

You've probably heard about people scamming from halfway around the world, but sometimes they turn up at your door. That's what happened in May, when 67 year-old Robert Wise of Ohio received a text telling him that his Apple ID had been compromised. It had been used at an Apple store for a $213...

Adoption agency leaks over a million records

Security researcher Jeremiah Fowler found a publicly accessible database online that contained highly personal information from an adoption agency. Jeremiah, who specializes in locating exposed cloud storage, is used to finding sensitive information exposed. However, because of the nature of the...

CNN, BBC, and CNBC websites impersonated to scam people

Researchers have uncovered a large campaign impersonating news websites, such as those from CNN, BBC, CNBC, News24, and ABC News, to promote investment scams. Adding a well known brand to your scammy site is a tale as old as time, and gives it an air of legitimacy that increases the likelihood th...

Catwatchful “child monitoring” app exposes victims’ data

If an app markets itself as being for “child monitoring”, a customer might expect that their data and those of the person you’re monitoring is handled with the utmost care and respect. However, as we've seen many times before, stalkerware which is what monitoring software is known as apps have a...

WhatsApp to start targeting you with ads

WhatsApp has announced that it will start to show you targeted ads on the app. The ads, it says, will appear under the Updates tab. WhatsApp launched the Updates tab a year ago, and now 1.5 billion people visit it every day. Updates has historically been a place for users to follow news and updat...

Scammers are still sending us their fake Robinhood security alerts

A short while ago, our friends at Malwaretips wrote about a text scam impersonating Robinhood, a popular US-based investment app that lets people trade stocks and cryptocurrencies. The scam warns users about supposed “suspicious activity” on their accounts. As if to demonstrate that this phishing...

Tea Dating Advice app has users’ private messages disclosed

A few days after Tea Dating Advice discovered unauthorized access to one of its systems that leaked 72,000 user images, the popular mobile app faced a second issue involving a separate database, as a researcher reported to 404Media that they were able to access private conversations. Tea Dating...