With over 2 billion users around the world, it’s hard to find someone who doesn’t know anything about it The WhatsApp. Being one of the most downloaded apps globally, it is also positioned as an attractive tool for the users. cyber criminalswho do not hesitate to exploit these means of harm.
According to cyber security experts, There are several ways to defraud people using WhatsApp. We have technologies that induce people to enter their private data on suspicious links (polls, for example), download fraudulent apps, etc.
In this sense, everyday actions such as responding to messages from unknown people or opening links to supposed offers can end with the theft or hijacking of accounts, bank cards or sensitive information stored on a cell phone.
In numerical terms, a report by Kaspersky revealed that most of Malicious links detected between December 2020 and May 2021 From a group of Kaspersky users sent via WhatsApp (89.6%), followed by Telegram (5.6%) and Viber (4.7%).). From the same investigation, the company revealed the presence of 91,242 cases of phishing around the world in instant messaging applications.
To find out more about the topic, trade Cyber security companies contacted Kaspersky and ESETwho explained to us through the spokespersons how cybercriminals work and the most common techniques for phishing through WhatsApp.
The most popular form of cheating on WhatsApp
WhatsApp was launched in 2009 and since then it has added billions of downloads worldwide. Until last year, according to Digital Report 2021 Collectively produced by Hootsuite and We Are Social More than 2 billion users On WhatsApp it is expected that By 2027 their number will exceed 3,000 million.
In other words, a large audience is at the mercy of cyber attacks.
“There are a variety of scams circulating on WhatsApp. However, they all have in common the fact that they use social engineering” precise Camilo Gutierrez, Head of the ESET Lab in Latin America, in an interview with trade.
In this sense, the most common expert details are the following:
- Fake Brand Anniversary
- False economic aid
- Random scams to get personal data
- Whatsapp spy tools
- WhatsApp account hijack
- deception tricks
- Fake updates with new features
- Distribution of malware through the application
And how do they do it? In these cases, cybercriminals posing as other companies or people, contact their potential victims through WhatsApp (or other similar apps) and ask them to download fraudulent files or click on suspicious links to enter their data. Using this they can hijack the information and then demand the ransom.
Another example is account theft (“Account Acquisition‘). In this case, the victim inadvertently downloads malware that spies on the messages arriving on his phone. Then, hackers will install WhatsApp on a new device and steal the activation code via SMS to request payment from friends and family.
The main target of cybercriminals, how could it be otherwise, is Stealing moneyCyber security experts noted.
“What cybercriminals are looking for is that Victims enter their information on a fake web page, download malicious code and thus get economic gain“comment on this daily ESET spokesperson.
Social engineering at the heart of WhatsApp deception
Also, experts highlight social engineeringa concept consisting of You try to convince others to do the things you want them to do through psychological manipulation.
“In the context of cybercrime, social engineering is widely described as A non-technical method used by cybercriminals to obtain information, conduct fraud, or illegally gain access to victims’ computerss“, added an ESET expert.”Social engineering is based on human interaction and is led by people who use deception in order to violate security measures“.
This can be manifested when Cybercriminals lure us with false promises to complete surveys, provide private information, or download strange files containing malware..
What can we do to avoid falling into these traps? “Protection from social engineering begins with education; Users need to know to never click on suspicious links and always protect their login credentialsEven in the office and at home, explained Fabio Assolini, Director of the Global Research and Analysis Team for Latin America at Kaspersky.
Stay tuned and check the links: Tips to avoid falling for WhatsApp scams
One of the first recommendations of experts is Learn about the existence of WhatsApp tricksThey also noted that today there are a large number of people who do not believe that they can be victims of these attacks and trust the links in their messages.
In addition, the advice that works to avoid falling for scams is Check for misspellings or other irregularities in names, positions, or linksas some cybercriminals pretend like other companies.
“Another strategy used to spread these fraudulent links is “chains”, a common practice in which a . file is used The scammer asks the user to share the malicious link with their contacts. If this message is from someone you know, it is very likely that someone will click this link. So, avoid sharing threads or clicking on these links.“Kaspersky expert suggested.
finally, Update the operating system and applications This will help us to have more control over the apps on our cell phone.
“The idea is not to live in a state of paranoia, but Generate some awareness to be able to use technology safely”, explained the head of the ESET Lab in Latin America.
Subtly charming zombie buff. Amateur analyst. Proud tvaholic. Beer fanatic. Web expert. Evil troublemaker. Passionate internet maven. Gamer. Food evangelist.