New WhatsApp scam deceives users into opening malware sent by ‘friends’.
WhatsApp, the world’s largest cross-platform messaging app has allegedly been the target of a new scam, which misleads users into disclosing personal information that might be used against then.
According to The Independent, the links appear to come from friends and leads users to a discount page which asks for personal details of the user.
Some unsuspecting users are then led to a fake website via the links, which in turn infects the user’s phone with malware, allowing the scammer to obtain sensitive information about the user.
Kaspersky Lab principal security researcher David Emm said WhatsApp’s prevalence in India and Europe has caught the attention of scammers. Emm has said in the report, “We have noted that this WhatsApp scam has been actively circling for some time. It ‘speaks’ several languages so the attacks can be customised for each market.”
“The message convinces the user to forward the message to 10 contacts, so he/she can receive a certain promotion (such as £5 discount at Starbucks, Zara etc),” Emm added.
The message spreads like wildfire because scammers convince users to forward the message to their 10 contacts so that they can receive a certain promotion. Some scam messages require users to register with their basic details such as name, email, phone number and address. Fraudsters then install malware on the unsuspecting user’s phone.
Recently, WhatsApp crossed a billion users in the world and has over 65 million users in India, making it an attractive ground for fraudsters. As a result, the effect of the malware attack can be far reaching.
The company of late waived off the 99 cents annual subscription charge. So, if users receive a message asking to share it with unspecified number of contacts to avoid suspension, it is a scam. Similarly, messages that include suspicious links to websites with a promise to offer discounts are scammers who are attempting to infect the device and obtain personal information. It’s best to avoid clicking on any links unless verified by the trusted sender.
If users receive such links from friends, contact them separately through a different medium (SMS or call) if possible, to verify its legitimacy.
This is not the first time WhatsApp has been used as a platform to attack users. Earlier, another scam in the app was exposed by the security researchers that posed a threat to all users by attempting to access and retrieve information from banking apps on users’ smartphones. Similarly, several cases were reported last month where Android users were trying to update the messaging app, but they accidentally installed malware that stole their data.
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.