Researchers from Sophos Labs have recently uncovered a fraudulent scheme targeting iPhone users on dating apps. The scam known as CryptoRom involves scammers contacting victims through dating app accounts and gaining their trust through direct messaging.
Once the victim is comfortable, the scammer convinces them to install fake trading applications that appear legitimate. The conversation then shifts to investments, with the scammer persuading the victim to invest a small amount of money and allowing them to withdraw it with a profit as an incentive.
To further entice victims into making larger investments, the scammer offers in-app loans and encourages them to purchase various financial products or invest in supposed “profitable” trading events. However, when victims attempt to retrieve their money or become suspicious, they find themselves locked out of their accounts.
Most of the victims targeted by CryptoRom are iPhone users located in the United States or Europe, with popular dating apps like Bumble, Grindr, Tinder, and Facebook Dating being used to lure them in. So far, victims have been defrauded of at least $1.4 million through this scam, primarily by transferring money to fake trading applications via the Binance app.
This latest discovery by Sophos Labs follows a previous report in May highlighting scammers exploiting dating sites and apps to trick victims into installing fake cryptocurrency apps on both iPhone and Android devices. Initially targeting victims in Asia, this global scam has since expanded to affect users worldwide.
Further investigations into the scam revealed that the perpetrators utilized Apple’s ad-hoc Super Signature distribution scheme to target iOS users. Additionally, malicious apps tied to these scams on iOS were found to exploit configuration profiles abusing Apple’s Enterprise Signature distribution scheme to target victims.
As scammers continue to evolve their tactics and expand their reach, it is essential for users to remain vigilant and cautious when engaging with unknown individuals or apps online. By staying informed and practicing safe online behavior, individuals can better protect themselves from falling victim to such fraudulent schemes.