WhatsApp is one of the most widely used messaging services in the world and hence it is a very attractive hook that cyber attackers they seek to exploit to orchestrate deception.
On this occasion, a new malicious campaign has been identified in this application: He tries to trick users into believing that WhatsApp is celebrating its birthday and offering 50 GB of mobile data to browse the Internet, but it’s all a hoaxor, as cybersecurity firm Eset warned.
Not only do the victims not get the promised data, but they end up providing their phone number to the attackers and are redirected to other sites seeking to install adware on your devices.
The message includes a link that leads to a page which, as seen in the images shared, has nothing to do with the official website of the messaging appthough he uses the name to make it look legit.
To add another layer of “truth”, the site includes fake reviews from other users who claim to have won the promised prize. This is a widely used technique in this type of fraudulent schemes.
If the user continues and clicks the button shown on the page,a field will appear where you will be asked to enter the phone number to check if you meet the requirements to access the supposed benefit of 50GB.
Once the victim enters their number and presses “send”, whatever number they placed, a message will appear asking to share the benefit with 12 WhatsApp contacts or groups. Always with the false promise that after sharing the message, the 50 GB will be credited to your line.
Once the user clicks on the link, they are redirected to a fake page (Photo: Pixabay)
The system then asks for another step to access the supposed benefit. It is also stated that if you continue, you will not only get the 50 GB, but also other additional prizes.
If the user falls into the trap and clicks, they will be redirected to other pages which eventually recommend the installation of various browser extensions with unknown reputation.
On the other hand, It should be noted that it is not certain that the extension mentioned is the one that will ultimately be downloaded., since it is not the official extension repository for Google Chrome. These extensions are actually adware; that is, malicious programs that display unwanted advertisements on the user’s computer.
In addition to dubious extensions, other pages appear in the redirect process of this campaign. One of them opens a notification in the browser asking for permissions to verify that it is not a robot. If the user grants permissions, browser notifications will be enabled and unwanted advertisements will start showing on the computer, warning, for example, that the user needs to install a security solution because malicious code has been detected on the computer.
The purpose of these ads is to make the victim download additional software that might even download malware to the computer. As you can see, this is deception on different levels. The level of inconvenience the user will experience will depend on how far away they continue to click.
“The circulation via WhatsApp of this type of fraud referring to the anniversary of a well-known brand is very frequent. Over the past few years, we have reported a lot of similar campaigns in which they impersonate big companies to give pretend gifts on the so-called anniversary celebration. However, these are scams that seek to lure users with benefits that are often too good to be true”, commented Camilo Gutiérrez Amaya, head of the research laboratory of Eset Latin America, in the press release published by said entity.
1. Beware of all kinds of promises of benefits that require clicking on a link, entering data on a page where said link redirects or downloading attachments.
2. Always keep the device updated as each update comes with security patches that protect against identified and reported vulnerabilities.
3. Do not circulate messages that arrive through different messaging platforms if the veracity of the content has not been verified.
4. In the case of offers and benefits, always check with the company in question whether it is something genuine or not
5. Use different passwords on all accounts and enable second factor authentication.
6. Have a security solution that works as an additional barrier
7. Download apps only from official stores like Google Play or Apple Store.