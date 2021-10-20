iPhone users beware: a new scam is robbing victims of millions of dollars.

iPhone consumers are already being victimized by a new Apple App Store fraud that uses the Apple Developer Program and Enterprise Signatures to get through the company’s tight review procedure, with some already losing hundreds of thousands of dollars.

Apple’s iOS has a number of measures to defend it from various types of viruses and frauds that are prevalent on other mobile operating systems. Regardless of the company’s efforts, hostile and threat actors always find a way into the system to prey on unwary customers.

One of these is the latest CryptoRom malware campaign, which was identified by the cyber security firm Sophos. This fraud approaches potential victims on dating platforms to get them to download fake crypto trading apps.

To discover potential victims, criminals use dating applications or websites such as Tinder, Bumble, Grindr, and Facebook. After that, they go from dating apps to messaging apps to continue the conversation.

“They establish a friendship using the dating game as a ploy, but rapidly shift their focus to money, this time under the guise of doing you a favor by providing you a chance to participate in a ‘unbeatable’ investment opportunity,” cybersecurity experts wrote in a blog post on Wednesday.

Scammers will befriend these victims and, after getting to know them, will ask them to download bogus trading programs with customer service and legitimate-looking websites.

The dialogue then shifts to investing, with malicious actors asking victims to deposit a little sum of money and then allowing them to withdraw it with a profit. But, of course, this is merely a ruse.

The new “buddy” will then encourage naïve customers to purchase financial goods or invest in lucrative trading activities or events. The phony friend will even lend money to the victims to make the deception more convincing.

When the victims become suspicious and want their money back, the farce comes to an end. The bad guys vanish, leaving their victims locked out of their accounts.

Several users have come forward to confirm the scam thus far. “One of the victims published the bitcoin address to which they moved their money, and as of the time of writing, it had been sent over $1.39 million dollars,” according to the site.

"One victim was defrauded of £63000 (about $87000). There have been further press reports of these scams in the UK, with one victim losing £35000 ($45000) to a scammer who contacted them on Facebook, and another losing £20000 ($25000) after being approached through Facebook.