Breaking News
1. Donald Trump postpones first rally since his trial began, due to bad weather      2. Bihar: Five more held in teacher recruitment exam 'paper leak' case      3. Nine people died in a road accident in Panchola near Aklera, of Jhalawar district      4. One Naxal has been neutralised in an encounter with security forces in the Keshkutul area of Bhairamgarh, in the Bijapur district. Details awaited: Chhattisgarh Police      5. Two dead, 14 injured in Memphis block party shooting, police says      6. Gwalior: Fire breaks out in Rang Mahal, Sangam Vatika; dousing operations underway      7. US: Trump jury set for opening statements      8. US: Appeals court refuses to halt Trump's hush money trial over defense complaints about jury selection, reports AP      9. Elon Musk came out against banning TikTok in US, even if it would mean less competition for his social media platform X, as the initiative sees fresh bipartisan momentum in Congress      10. Himachal Pradesh: Lahaul and Spiti district received a spell of snowfall      11. Jammu and Kashmir: Union Minister Hardeep Singh Puri to address Viksit Bharat ambassadors meet in Srinagar today.      12. IMF Asia & Pacific Department Director Krishna Srinivasan gives a sneak peek of the IMF report which will be released in Singapore later this month      13. Boat capsizes in Odisha's Jharsuguda, woman dead, seven missing      14. 21 police and Home Guard jawans injured as bus carrying them after poll duty overturns      15. DK Shivakumar desperately wants to become CM, says K'taka BJP chief Vijayendra      16. Sainik School Rewa in spotlight as alumni scale new heights in armed forces      17. PM Modi in Amroha: How can Yaduvanshis be with those disrespecting Krishna?      18. Prince Harry wins latest High Court trial against UK tabloid amid settlement pressure      19. Two held for IPL cricket betting in Pune      20. BJP attacks BJP and EC again, asks why only central forces deployed in Bengal     

WhatsApp Scams: 54 Cr INR Looted so far. Most Common Scams are Here

  • Posted on December 19, 2022
  • News
  • By Akta Yadav
WhatsApp Scams:Recent reports show that more than Rs 54 Cr have been looted by the online scammers by using WhatsApp. We take a look at some of the most common ways in which this social media platform is being used by criminals to commit crimes such as account theft, phishing, or even distributing malware. The way in which cybercriminals use WhatsApp to commit some type of fraud is very varied and there are different modalities. Most of the hoaxes circulating through or on behalf of the app use social engineering; that is, the art of manipulating the user by making him believe something that he is not and convincing him to perform an action that interests the offender. While many modalities share features, we have arranged them as follows.

Hoax of the false anniversary of a brand

This hoax begins with a message that reaches the potential victim indicating that a well-known brand or service is celebrating its anniversary and is therefore offering some kind of gift or benefit. The message includes a link so that the user can access their prize, but before obtaining it, they usually have to complete a survey. Then, to continue, you must share the message with a certain number of contacts or WhatsApp groups. However, the gift or prize never materializes and the user is redirected to sites that display invasive advertising. In some cases, malicious campaigns ask the victim to download suspicious applications or plug-ins that usually end up installing some type of adware that displays invasive advertisements and collects user information. Although the most common excuse is usually the celebration of the anniversary of a well-known brand, this type of fraud also takes advantage of special dates, such as Black Friday, Easter or simply a unique promotion.

False financial aid

WhatsApp Scams WhatsApp Scams These types of social engineering campaigns through WhatsApp were widely observed during the pandemic, with scammers looking to take advantage of the economic needs of citizens to trick them into stealing their personal data. It is worth remembering that personal data, such as name, date of birth, document number, nationality, among others, in addition to being marketed in forums, are used by criminals to carry out other frauds. The deception of false financial aid usually begins with a message about a solidarity aid program for certain sectors of the population and they invite those who meet the requirements to register to receive the aid. As part of the process, users must fill out a form, but unfortunately this information is what is collected by those behind this type of deception. Many of these campaigns use the image and/or name of a government agency or a legitimate program of a foundation or even a company. Although we have observed that the goal is often to collect personal information, we have also seen campaigns that seek to monetize deception through the installation of adware or some mechanism to display unwanted advertising.

Random scams to obtain personal data

This hoax begins with a message from an unknown number (numbers from countries like Bolivia, for example) from someone who plays unknown and tries to make the unsuspecting user believe that it is someone they know and that they are in another country. It usually starts with:
  • Hi, how are you? Greetings to the distance. I send you a big hug.
Then continue with something similar to:
  • I imagine you remember who is writing to you from Spain, right?
  • Don't tell me you're Mireya?
  • "Of course, how are you out there?"
Real dialogue between scammer and potential victim who decided to continue the conversation and deceive the offender The intention is to see if the victim remembers someone who is actually living in that country and will give the scammer the chance to continue with the plan. The objective is to ask for help for a small mishap. Then the supposed acquaintance tells him that he is returning to the country and that he had a problem with his passport and could not board the plane, but that the suitcases did leave. Then he asks if he could receive them and if he agrees, he asks for photos of his document from both sides to carry out the corresponding procedure and so that he can receive the suitcases.

Tools to spy on WhatsApp

It is enough to see the search trends in Google to confirm that "spy whatsapp" is a highly searched term, which reveals that there is an interest that is maintained over time by users who are looking for a way to spy on the conversations of the third party account. And this scammers know. That is why a large number of disreputable sites appear indexed on Google that promise a solution to spy on. The real goal is usually to display ads and collect information from those who decide to try these applications, extensions or online services.

WhatsApp account hijacking

WhatsApp Scams WhatsApp Scams When we install the WhatsApp app on a new computer, we must enter the phone number associated with our account. Then, an SMS message will arrive with a six-digit verification code to validate the user's identity. This process is exploited by attackers seeking to take control of accounts, both users and companies. How? The victim receives a text message on his phone or via WhatsApp asking if he can please resend the six-digit code that was sent to his phone by mistake. The message can be from a contact who has lost access to their account or from an unknown number. If the unsuspecting victim accesses and resends the unexpectedly arrived code, they will likely lose control of their WhatsApp account if they did not have two-factor authentication enabled. We have also seen that cybercriminals impersonate the official WhatsApp account of public bodies or the health sector for different types of deception, and one of them is to steal the WhatsApp verification code. For example, when in Argentina scammers took over the government and contacted users to assign appointments for the COVID-19 vaccine with the real goal of stealing the WhatsApp verification code and then scamming their contacts and downloading their information. . Another very recurring way that cybercriminals use to steal WhatsApp accounts is through SIM Swapping, although this goes beyond WhatsApp and allows the hijacking of other accounts, including bank credentials. SIM Swapping occurs when criminals manage to trick the phone company and obtain a chip with your phone line by posing as you. In this way, they take control of your phone line and the SMS with the verification code will reach the attacker who has control of the SMS. Criminals probably also have some personal information about the victim, such as the document number, date of birth, etc. That is why it is so important to be more cautious when sharing our personal data, even if it seems irrelevant. WhatsApp Scams WhatsApp Scams

WhatsApp phishing scams

Whether it's by stealing the verification code or through SIM Swapping, once they gain access, criminals use the accounts in different ways. For example, impersonating the identity of the victims. To do this, they usually download the contact list, the account profile image and other relevant information in case they want to create a fake profile with another number, but they also communicate directly from the stolen account with family and friends to request money for a supposed emergency or convince them to take some other action. In some more sophisticated campaigns that serve to understand how stolen data is connected between services, criminals carry out identity theft scams through WhatsApp after compromising an email account. A few months ago we learned of a case of a user whose Outlook account was compromised and the attackers downloaded a copy with the email contact list, photos, and his full name. Then, with this and other information collected, they created WhatsApp accounts and contacted their contact list, impersonating the victim and offering dollars to sell. WhatsApp Scams WhatsApp Scams But it is also important to remember that there are phishing scams that do not involve WhatsApp account theft, since as we mentioned before, criminals contact potential victims from unknown numbers, making them believe that they are a contact who changed their number. Finally, another similar model, but with some different characteristics, has to do with cases in which scammers use fake WhatsApp profiles posing as government agencies. Criminals communicate through chat or voice calls from company accounts that include the organization's logo. Then, a false representative tries to make the victim believe that they are eligible to receive financial aid from the state or a bonus. However, in order to credit the financial aid to their account, the criminals request a code and what the confused victim actually delivers are the keys to access the bank account.

Fake updates with new features for WhatsApp

From time to time these fraudulent campaigns that refer to the launch of a version of the application with new functions are reactivated. We have seen examples of these deceptions inviting people to download pink WhatsApp and other colors, such as blue or names such as WhatsApp Plus. WhatsApp Rosa, for example, far from being a harmless campaign, what it did was download a Trojan horse to the victim's phone.

Malware distribution via WhatsApp

It is not that common, but campaigns to distribute malware through WhatsApp have been detected. Last year, for example, we looked at app-spreading malware that tried to trick victims into downloading an app from a website pretending to be Google Play. Once the malicious app was installed, any message that reached the victim's device was automatically answered with a personalized message that included a link to download the fake app. Although the threat apparently sought to deploy invasive advertisements on the victim's phone, as researcher Lukas Stefanko explained, “This malware could possibly deliver more dangerous threats as the text of the message and the link to the malicious application are received from the malware server attacker. It could simply distribute banking Trojans, ransomware, or spyware.” Finally, attackers also often resort to distributing malware through phishing emails that masquerade as official WhatsApp communications.
No Image
Akta Yadav

You May Also Like