WhatsApp users need to keep their eyes peeled for a sneaky new scam which is spread via email and could leave you seriously out of pocket. The email, which has already been sent to almost 30,000 people, claims to be a notification from WhatsApp telling you that you’ve received a new private voicemail – with a button in the email that claims to send you to the recording within the app. However, that’s not the case. Clicking on the button will download malware on your device capable of stealing all login information saved in your web browser – including bank login credentials, logins for payment software like PayPal, and more.
WhatsApp will never notify you about an unread message or voicemail over email, instead the service sends a notification on your smartphone. Cyber crooks are turning to emails because it allows them to bypass security measures implemented by WhatsApp. By clicking on the link, you’ll also leave your email app – stopping Gmail, Outlook, or another provider from warning about the site you’re being linked to.
The fake email impersonating WhatsApp is sent from an address belonging to the Centre for Road Safety for the Moscow Region. Because this email address belongs to a legitimate entity the bogus WhatsApp message isn’t flagged or blocked by email security systems.
That makes it particularly dangerous.
And as outlined above, if any WhatsApp user clicks on the link in the email they could end up being left severely out of pocket as the malware that ends up getting downloaded onto a machine is capable of stealing account credentials stored in browsers, accessing cryptocurrency wallets and even getting access to files saved on a computer.
The threat was discovered by researchers at email security solutions provider Armorblox. Outlining the threat in a post online and how to stay safe from it they said: “Since we get so many emails from service providers, our brains have been trained to quickly execute on their requested actions.
“It’s much easier said than done, but engage with these emails in a rational and methodical manner whenever possible. Subject the email to an eye test that includes inspecting the sender name, sender email address, language within the email, and any logical inconsistencies within the email (e.g. Why is a WhatsApp link leading to an HTML download? Why is the sender email domain from a third-party organisation?).”
Armorblox also offered the following advice on how to stop any of your sensitive user logins from falling into the wrong hands.
The email security experts advised…
– Deploy multi-factor authentication (MFA) on all possible business and personal accounts
– Don’t use the same password on multiple sites/accounts
– Use a password management software like LastPass or 1password to store your account passwords