During the past few days, several users contacted us after encountering suspicious “security alerts” on their iPhones. At first glance, these pop-ups looked like genuine system warnings, urging users to take immediate action to “secure their device.”
In reality, the alerts were advertisements placed on Meta platforms (Facebook and Instagram), specifically targeting iPhone users. The deceptive design of the ad — closely imitating iOS system notifications — successfully tricked many users into believing the message originated from Apple itself.
Clicking on the ad led users to the Apple App Store, promoting a specific VPN service via the domain iosjoomgard[.]com VirusTotal analysis shows that this domain was scanned from multiple countries throughout September, suggesting it was part of a broad international campaign, not one aimed solely at Armenia or any specific group.
Although the link did not distribute malicious software, the case still raises concern.
Several journalists and editors reported being misled and were prepared to follow the instructions shown by the scammers.
This incident highlights a growing vulnerability of civil society to social engineering and deceptive design — tactics that exploit user trust in familiar interfaces rather than technical weaknesses.
Takeaway:Even legitimate advertising platforms can be abused to spread misleading content. Users — especially those in media and public communication roles — should remain alert to security-themed ads that mimic system notifications. Always verify the source before taking action, and remember: Apple never sends security warnings through online ads.