Symantec Connect:

op1The Opfake gang has been targeting Android mobile devices, as well as Symbian, but that does not mean they are limiting their targets to these platforms. Where there is money to be made, they are willing to invest time and resources. This includes scams designed for iPhone users. We have come across a couple of Opfake websites that, while hosting malicious apps that Symantec detects as Android.Opfake, are also designed to perform social engineering attacks on iPhone users.

The iPhone is designed to prevent the installation of applications outside of the Apple App Store. This makes life difficult for bad guys attempting to fool users into installing malicious apps in a similar manner to Android and Symbian devices.  To get around this, the Opfake gang have developed a social engineering trick that does not require apps to scam site visitors.

We have seen two different types of websites.  The first attempts to trick users into thinking that their browser is out of date and needs to be updated.

Continue Reading at Symantec Connect Blog: