Cyber-crooks are trying to tempt innocent WhatsApp users into joining a dodgy porn group designed to trick them into handing over valuable personal information.
Experts from the tech firm Vade Secure have issued an urgent warning to WhatsApp fans, who are fast becoming one of the favoured targets of digital scammers.
It has published a new study exploring the growing risk posed by ‘phishing’ scams in which people are tricked into giving away passwords, bank details or other compromising data.
This is often achieved by persuading people to visit fake websites made to look like a financial institution or some other trusted organisation.
Vade Secure found that social media accounted for 25% of phishing scams in the last quarter of 2019 after almost doubling from 13% in the third quarter.
It said this ‘growth was driven by WhatsApp’, with one campaign inviting people into a porn group responsible for a large proportion of the scams.
Once persuaded to join a group called Berbagi that peddles porn, victims are encouraged to visit phishing websites where they can be fleeced.
‘Digging into WhatsApp, the staggering growth in phishing URLs stems primarily from a campaign inviting recipients to the so-called Berbagi WhatsApp group, which advertises pornographic content,’ the tech firm wrote.
It’s important to remember that this surge in phishing isn’t actually WhatsApp’s fault.
It cannot and should not censor people’s communications to remove dodgy links, because this would erode user trust and counteract the protections offered by the app’s tough end-to-end encryption.
It’s up to individuals to take responsibility for their own security.
Traditionally, phishing is designed to trick people into giving away bank details or some other financial information, but this is changing.,
Vade Secure wrote: ‘Rather than seek a financial payback from social media phishing, cybercriminals may be harvesting credentials and then attempting to reuse the passwords to hack into other online services.
‘After all, a 2019 Google survey found that that two in three people recycle the same password across multiple accounts.’
Source: Read Full Article