FLASH: WhatsApp phishing scam
Last week, many folks became aware of a messaging app called WhatsApp due to the announcement of Facebook intention to purchase it for a paltry $19B. Now there is a WhatsApp phishing scam circulating (actually its been around for several months, but seems to be making fresh rounds due to the acquisition announcement).
One receives an innocuous looking email from WhatsApp that says you have a new voice message. You click on the “Play” button and it says that you need to load an app, player or update a web browser. Commencing the download will load the malware on your phone or computer.
The primary target seems to be Android devices, since it’s difficult to load software onto iPhones and iPads outside the App Store. Note: if your iPhone has been jail broke, all bets are off (see my post on The Hazards of Jail Breaking.)
Heres’s a screenshot of the email:
A couple things to notice:
- Though the return address says “WhatsApp Messaging Service” which looks OK, the actual return address is decidedly suspect. This is one of the things I that look at before clicking on anything.
- The “copyright” at the bottom says “2013 WhatsApp Inc”. Its 2014 and companies are very careful to indicate the current year since to not do so could impact their intellectual property rights. Also, there is no “copyright” or © designation. This is probably not something you’d notice initially, but after seeing the bogus return address, the error in copyright adds credence to the message’s fakery.
So, what are the takeaways?
- First, never download software that you didn’t specifically ask for. Also, download all software from known sites. With reference to this one, if a software download were to be required, go to the WhatsApp website to download it.
- Android has shown itself to be a more difficult mobile platform to keep safe than iOS, due to Android’s open nature. There have been a large number of malware exploits specifically targeting Android. Though it’s possible to get malware on your iPhone or iPad though the app store, its much less probable. Android has become the target of choice for mobile exploits again because of its open nature and since it has the largest market share worldwide by far.