Consumers receiving variety of risky emails from ‘WhatsApp’ imposter
CROMWELL — Criminals are using the popularity of “WhatsApp” to spread malicious software, and according to Connecticut Better Business Bureau, this is a sign of how cyber crooks are increasingly focusing their attention on smart phones and tablets.
WhatsApp is a popular, instant messaging app that allows users to send text, audio messages and video over the internet to individuals or groups. Unfortunately, it is also being forged by criminals who use the look and feel of the legitimate application to spread malware.
“This is a wakeup call for consumers,” says Connecticut Better Business Bureau Executive Communications Director, Howard Schwartz. “This is a reminder that our portable technology is vulnerable to hacking, and that we have to be as careful with our smart phones and tablets as we are with our desktop and laptop computers.”
How the Scam Works
You receive an email that appears to be from WhatsApp. The subject line reads “Incoming Voice Message” and has a time stamp. When you open up the message, you’ll see a “missed voicemail” alert and a button to play the message. Recipients who click on the button unwittingly start the download of a virus that is every bit as risky as malicious software written for other computers.
WhatsApp says it does not communicate with customers via email unless they are replying to a specific customer request. Most apps communicate with you through the application itself when there are updates, enhancements and patches to improve the reliability and stability of the software. If an app suddenly communicates using a different method, it’s a red flag.
Tips to Protect Your Mobile Device From Cyber Scams
- Get antivirus software for your phone – Just as you use antivirus software for your computer, you should do the same to protect your mobile devices.
- Ignore “urgent” messages – Fear, urgency and a false sense of security entice users to click on links or open attachments. These scams typically claim that your email or bank account is being suspended or locked, or that there is a problem with your credit card, the police, court system or a government agency such as the Internal Revenue Service. There are dozens of variations, all of which are designed to deceive, lure or frighten you into clicking on a malicious link.
- Search before you click – If something seems suspicious, do a quick search online. You can easily find out if a new offer, deal or feature is legitimate.
- Be on the lookout for typical warning signs -Scammers might be impersonating the latest tech companies, but that doesn’t necessarily mean their scams are sophisticated. Look for poor grammar and check to see if the reply email address matches the business that supposedly sent it by clicking on the address of the sender.
- Verify – but not by using the information scammers provide – When you attempt to ascertain if a particular email or other communication is legitimate, don’t call the phone number or website in a suspect email. If it is a con, chances are the person on the other line will be involved, too.