OSI has detected new fraudulent campaigns in which cyber criminals attempt to trick users into hacking their devices.
WhatsApp, which recently offered the possibility of using the app on various devices, is one of the most popular messaging applications worldwide and has millions of active users who, at times, carry out a series of strings with messages wrong or false, like the one who claimed that the app would be paid. Some people even use this service to carry out scams, and now a new one has been discovered that also affects email in which deceive the user with social engineering.
If the Facebook-owned instant messaging app has already announced in due course that it would take a number of steps to fight fake news about Covid. 19, such as limit the number of forwardings to fight hoaxesIt seems that it should also offer alternatives or tools to detect scams. Currently, social engineering is one of the most used tools by cybercriminals to cheat and hack users’ devices, such as those emails that indicate that a subscription service has been blocked or those who claim that you have been a millionth customer, for which you have won an award. Some emails that invite the victim to follow a series of steps so that, without their knowing it, they get hacked. And now a new one has been discovered that reaches both WhatsApp and email.
On this occasion the Internet User Security Office (OSI), dependent on the National Institute of Cybersecurity, has disclosed that they have detected new fraudulent campaigns in which cybercriminals try to trick users into downloading malicious code on their smartphones. They even point out that the messages use different pretexts, such as supposed WhatsApp notifications, the download of electronic invoices and bonuses by the Covid-19. All with the sole objective that the user click on the link and download malicious file.
It may interest you | WhatsApp publishes phone numbers of hundreds of thousands of users on Google.
Fraudulent messages contain WhatsApp or Covid-19 related issues
From OSI they have also pointed out that these malicious emails capture the user’s attention by posing as a well-known instant messaging company, with issues such as the following: ‘The chat history has been attached to this email as WhatsApp Chat No. (xxxx)’. They also have issues such as ‘Bono Coivd xxxx’ and ‘Electronic invoice issue process xxxx’, although there may be cases in which the subject of these emails changes. It should be noted that any user who has received an email of this nature, has clicked on the link to consult the alleged file, and has subsequently opened the file that is downloaded, will install malware on your device.
The OSI has also detailed that the messages are characterized by containing images that pretend to be attachments that will mask the fraudulent link. Both the wording and the coherence of the message contain numerous errors that make suspect the veracity of the message. In addition, they do not make clear to the user who the entity or service that contacts them is. If you have downloaded and run the malicious file, your device may have become infected. To protect your equipment you must scan it with an updated antivirus.
On the other hand, if you have not run the downloaded file, your device may not have been infected. In that case all you have to do is delete the file you will find in the download folder. You should also send the email from your inbox to the trash. As always, in case of doubt about the legitimacy of an email, do not click on any link and get contact the company or service that has supposedly sent the email through its official customer service channels.
Always find out about the latest Android time on our official Telegram channel, join us!