WhatsApp Scam: too good to be true

Next story


New and innovative ways to hack private and personal accounts come around every day, and a recent WhatsApp message that was circulating is a prime example of Phishing techniques.

The message was claiming to give away £100 vouchers for the likes of Sainsbury’s, Topshop and other high profiles shops. This message appears to come from a friend or family, and claims that they had already collected their £100, creating a false sense of security for the recipient. This is then heightened, as the link appears legitimate, looking just like the supposed website.

The malicious data is hidden inside the fake link, and once clicked will steal their information, data and potentially financial details. Mark James, ESET IT Security Specialist, Talks about the dangers of clicking on these types of links from WhatsApp and what it could potentially do.

“Sadly people still fall for these types of scams: they are tricked and tempted into following a link from their favourite social media app, without actually recognising the dangers.

They are usually presented with an offer of freebies, with little or no effort needed on their own behalf.

“Once on the page, all manners of malware could potentially await them. This could include, but is not limited to: potential phishing attacks to obtain your personal or private information; installation of malware; harvesting your details for spam attacks or displaying inappropriate pictures or videos.

“These scams have been around for a while and show no sign of slowing.

“For this to happen a couple of things need to happen: for one, the pages need to adapt and continue to look authentic. This of course is relatively easy, as obtaining life like pages is just a case of duplication of existing pages from the look-a-like companies.

“Secondly, there needs to be a high degree of success. If they never worked then they would not still be doing the rounds, which proves that generally we are not learning and continue to fall foul of these types of attacks.

“Making sure your Operating System is maintained, updated and preferably on the latest version. You also need to make sure your applications are up-to-date as well: if you’re using an old application that has had no updates for a while then you should consider an alternate product.

“One of the easiest ways to protect yourself is to ensure you’re using a regularly updating multi-layered security product.

“This will deal with the majority of malware you encounter on a daily basis, and should serve to pre-warn you of phishing pages and potential malware infected websites.

“Sometimes even just stopping and taking a breath, then ask yourself “what’s the chances of this actually being real?” .

“I understand it may seem no harm can be done by clicking links or filling out forms, but computers are able to do many things at once, and not all malware requires you to interact with it to install.”

What’s the most obvious phishing scam you’ve seen? Let us know on Twitter @ESETUK

Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.