Skipping through multiple layers of security, a WhatsApp scam has infiltrated the messenger's servers and targeted 27,000 users in a nasty cyber attack.
Email addresses that use Microsoft Office 365 and Google Workspace have been targeted by the ploy, which was first detected byAmorblox.
The online security company noted that users were receiving an email under the title “New Incoming Voicemessage".
The email contained a “private voicemail” attachment and used a technique called "brand impersonation", which is when fakers try and impersonate real businesses in an attempt to scam innocent people.
How did the WhatsApp Scam work?
The email was riddled with misspellings and indicative red flags, but for those who pressed the voicemail message anyway, the hack had already begun.
The link took people to a CAPTCHA link that asked people to prove they weren’t a bot, but this was placed as a distraction and if users went through with the instructions they would have malware installed onto their device.
According to Amorblox, people who fell for the scheme left their passwords vulnerable, putting them at risk of further cyber attacks.
The attacks were specific to the person they were targeting, with people's names inserted to make them look more genuine.
Multiple factor authentication and a general scepticism towards things sent your way are a good way of protecting yourself from hackers.
Why are there currently more cyber attacks?
US hacker jailed for advising North Korea on cryptocurrency in criminal sanctions breach
Meta, which owns WhatsApp, has been increasingly involved in the fight against cyberattacks since the beginning of the war in Ukraine, with more coming in since it started.
This is likely because hackers know defence systems are spread thin and WhatsApp, which has not been banned in Russia, may make an easier target.
Although there is no confirmation that the Russian government has anything to do with the attack, this particular phishing scheme has involved an email address that is connected to a site called "Center for Road Safety of the Moscow Region".
In 2021, it was reported by the Mirror that half of Brits are so worried about scams thatthey ignore genuine emails.
Professor Kerensa Jennings, senior adviser on digital impact at BT, said at the time: “From emails asking people to help transfer vast sums of money, to more recent scam emails that pretend to be from your bank or a well-known company, asking you to share your personal information.
“It's no wonder therefore that people are cautious and careful – rightly so.
“It's important that we're all aware of the latest scams and what we can do to protect ourselves, so we don’t miss out on genuine correspondence but stay safe if there is anything sent with malicious intent.”
Source: Read Full Article