Cybercriminals and their WhatsApp scams
18% of Internet users in the United States has been the victim of cybercriminals who stole important information in this year it is indicative of the growing trend of data theft on the web. In fact, a study conducted in January by the Pew Research Center shows a sharp increase in information theft compared to mid-2013, when 11% of respondents said that has been a victim of this crime. And it is that although many users believe that the data theft only occurs through deceptive emails or income to websites with viruses, it has also touched the door everyday applications such as WhatsApp. A study by ESET, specialized in detecting such threats identified several campaigns infection that used to recognized trademarks such as Zara, Starbucks or McDonald’s to trick users into company.
The company says that the so-called social engineering, the art of dissuading people with some end, is one of the strengths in this type of fraud: the name of upscale shops or trustmarks that normally are not linked is used to digital fraud or handle sensitive information to cybercriminals mislead users by exploiting the trust relationship to those marks, which were never affected or linked to security incidents; all the templates used for the attack are very similar, personalizing them for each brand with their respective colors and logos.
So the purpose of the campaign is accompanied by various activities that mislead the user, as case numbers Premium SMS subscription and installation of potentially unwanted applications. The company says that the servers involved in investigating found that are hosted in the Republic of Moldova (Europe) and evidence that other companies have been and may be found to be affected. Among them, we can mention large stores present in multiple countries were chosen minutely under the premise of being very popular, these are: IKEA, H&M, KFC (Kentucky Fried Chicken), SPAR, 7-Eleven, Wal- Mart.
“This type of scam shows why education in this case is the first barrier of protection; in that sense, we intend to reflect and alert users about these new trends using ancient techniques on channels like WhatsApp “Lucas said Paus, Information Security Specialist ESET Latin America. To avoid this kind of deception the company has made the following recommendations:
- No misleading links continue arriving through text messages, WhatsApp or other messengers
- Do not provide personal information if the source is not reliable
- Do not install applications unofficial repositories
- Do not share contacts, malicious messages or appear suspicious
- Use a security solution that blocks malware and fraudulent sites
Whereas much of the deceptions circulating today taking advantage of the popularity and number of users of the major platforms, the company also recommends WhatsApp also protect the following measures:
- Block WhatsApp photos from appearing in the gallery
- Hide notification “Last Online”
- Restrict access to profile picture
- Beware of scams
- Disable WhatsApp if the phone is lost
- Be careful with the information that is transmitted through the platform