Featured Story
Romance Baiting Losses Surge 40% Annually
Losses to romance baiting, or pig butchering, scams increased 40% year-on-year (YoY) in 2024 to comprise a third of total crypto fraud revenue, according to Chainalysis. A day before Valentine’s Day, the blockchain analytics company revealed the darker side of dating apps in its 2025 Crypto Crime Report.
Romance baiting typically occurs when vulnerable individuals are approached on dating sites, before being groomed by scammers and then persuaded to invest in some kind of investment scam.
Apologies for headlining this topic on Valentine’s Day, but joke aside, romance scams remain a serious and growing cyber threat. With a 40% surge in losses, cybercriminals are increasingly exploiting emotional vulnerabilities to steal money and personal data. These scams often involve sophisticated social engineering tactics, making even tech-savvy individuals susceptible.
Raising awareness and implementing digital hygiene—such as verifying online identities, avoiding unsolicited financial transactions, and enabling security measures on social platforms—are essential to mitigating risks. Whether personal or professional, vigilance against social engineering threats remains a key aspect of cybersecurity.
Other Stories
Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities
Ivanti and Fortinet announced patches for critical and high-severity flaws that could lead to remote code execution. Ivanti issued fixes for 11 vulnerabilities across several products including ICS, IPS, ISAC, Neurons for MDM, and CSA. Fortinet published 14 advisories affecting FortiOS, FortiPortal, FortiAnalyzer, FortiManager, and more.
VPN and firewall appliances remain critical infrastructure components and prime targets for attackers. These newly patched vulnerabilities highlight the continued risk of remote code execution. Organizations must patch immediately, segment critical assets, enable MFA, and monitor these devices continuously.
Europol Warns Financial Sector of “Imminent” Quantum Threat
Europol is urging the financial sector to prepare for quantum-safe cryptography in light of growing “store now, decrypt later” (SNDL) attacks. As quantum computers evolve, they may soon break modern asymmetric encryption used in financial transactions and contracts.
Europol’s warning emphasizes the need to secure data now before it’s too late. Stolen encrypted data may be decrypted in the future by quantum-powered adversaries. Begin adopting post-quantum encryption standards and audit critical systems to ensure future-proof data protection strategies.
Apple Releases Urgent Patch for USB Vulnerability
Apple has issued a patch for CVE-2025-24200, a vulnerability that may have been exploited in a highly targeted physical attack. The flaw could allow attackers to disable USB Restricted Mode on locked iOS devices.
This vulnerability highlights that physical threats are just as important as digital ones. Organizations should lock down USB ports, restrict device access, and apply security updates immediately. Physical security controls are an essential pillar of a modern cybersecurity program.
Phishing Scam in the Name of the Mutualité Chrétienne
A widespread phishing campaign is impersonating Mutualité Chrétienne (MC), urging users to click a link or risk losing access to services. Victims are then targeted by follow-up calls from fake banking reps to extract further funds.
Never click links in unsolicited emails—always verify via your bank’s app or website. Suspicious messages can be forwarded to:
verdacht@safeonweb.besuspect@safeonweb.besuspicious@safeonweb.be
Our SOC is available for guidance on suspected phishing cases. Stay alert and verify before trusting any communication.
Contact the Approach Cyber SOC team for tailored support and training programs.
