A series of phishing campaigns have been observed to be hitting WhatsApp users, according to the latest report. The hackers are said to be launching a new form of cyberattack by spreading malware to several email addresses.
Additionally, the operation involves imitating the voice message feature of the messaging platform. With this, cybercriminals will be able to steal valuable (and confidential) information from their victims.
WhatsApp Phishing Campaign
A new phishing campaign is hitting WhatsApp users.Here are the reminders that you need to know to protect yourself from this malware attack.
Data theft is widespread all over the globe and researchers could not mitigate its fast progress. The malware infection is easily carried out by injecting bad security software into the system of an app.
According to a report by Bleeping Computer on Monday, April 4, the hackers use a set of "special-purpose malware tools" to launch credential theft on WhatsApp users.
These tools could not only steal the personal details of an individual from the app itself. They can also gain access to the user's computer files, crypto wallets, and even SSH keys.
Now, cybercriminals are using voice messages as a trap for their operations. Of course, WhatsApp can allow sending voice messages to all users regardless if they came from a private or group chat. However, the danger starts upon receiving a new notification that disguises itself as a phishing campaign.
In addition, you should be aware that the suspicious message has a "Play" button and even the duration of its creation.
Watch Out For This Email
If the sender bears the service name "Whatsapp Notifier," stay away from this link. The report included that the cybercriminals are using a Moscow-based email address which you need to watch out for safety.
Since it could bypass security alerts, there will be no indication that the email will get flagged or flagged as suspicious.
Once the user taps the button in the message, a new website will pop out. The next step will involve installing trojan malware in the form of a JS/Kryptic threat.
There's a confirmation that will ask you if you are a robot or not. After clicking "Allow," you will see a lot of ads that you usually see on an infected device. As such advertisements about adult sites and scams will appear.
Related Article: WhatsApp 'Android Worm' Malware Disguises as a Harmless Message, Infects Your Contact List [Report]
How to Stay Safe From This WhatsApp Malware
In a similar report, the information security publication wrote that users should be careful in clicking the links on their email. One thing that they need to watch out for is the obvious domain space of the application.
Do not click anything if you think that the link has malicious content. You should also not fall into the hacker's trap of receiving voice messages on the platform.
To note, these are automatically downloaded in the app's client version so expect that no information will be relayed by the IM company regarding this matter on your email.
You should also look for the WhatsApp logo which is absent in this phishing campaign. Do not immediately click links that you're not sure about. What you need to do is to verify the official website or the app for assurance.
In other news, 9to5Mac reported that WhatsApp will now limit the number of messages that iOS users can forward. This is to prevent the growing cases of misinformation on the platform.
Read Also: WhatsApp Mod Hacking: Triada Trojan Can Interfere User's Experience-- How to Avoid This Malware?
This article is owned by Tech Times
Written by Joseph Henry
