WhatsApp users being malware'd through phished messages

WhatsApp users, beware! If you think you're recently received a zip file or an attachment through e-mail from WhatsApp, do not click. WhatsApp doesn't do e-mails with attachments.

Comodo Antispam Labs have recently detected several fishers attempting to drop tonnes of malware into personal computers and other devices disguised as official e-mails from WhatsApp. The e-mails in question, usually come with subject lines like 'You have a video announcement. Eom' or 'A sound announcement has been received sqdw' and contain attachments which they ask readers to click. The e-mail addresses from which these messages are sent are disguised with WhatsApp logos but if you take a good look at them, you'll know instantly that they aren't anything like WhatsApp after all.

Ashley Madison saga: Blackmailers, extortionists making the most of leaked profiles

"As part of a random phishing campaign, cyber criminals are sending fake emails representing the information as official WhatsApp content to spread malware when the message is clicked on. The emails are being sent from a rogue email address, disguised with an umbrella branding of WhatsApp, but if users look at the actual 'from' email address, they will see it is not from the company. In order to spread the rogue malware and infect computers, the cyber criminals are using multiple subject lines," said the firm.

While most users know where to click and which messages to mark as spam, the less curious ones may fall prey if they download any malware that come through disguised messages. The University of Cambridge runs a quite informative webpage in its website about malwares, what they can do and how to stay away from them.

Hackers: 1; Geeks: 0: Cyber attack stalls Oxford, Cambridge servers

"You may receive bounced mail messages suggesting that you have sent a virus-bearing message to somebody else. These are usually spurious; when viruses and other malware propagate by email they will usually do so with faked 'From' addresses, which may have been taken from another user's addres sbook or from Web pages," says the website.

Eight tips and tricks to stay safe online and how to check if your details have been sold to hackers!

The webpage also described what malwares can do if you aren't aware of the devastation they can cause. "Malware usually has two functions: to spread itself by some means, and to do some sort of damage or theft. This may vary from the trivial (e.g. displaying a silly message on startup) to causing serious damage to your files and your computer or logging the usernames and passwords you use for other sites such as online banking. With the increase of fast networks, and in particular home broadband, much malware is now designed to take control of your computer so that it can be used for nefarious purposes, e.g. hosting illegal data, sending spam email or being used to attack others, possibly for extortion purposes (you are likely to hear the phrases 'zombie' or 'bot' used to describe these "taken over" computers). The damage may not happen as soon as you acquire the malware; some malware is written to be activated remotely when needed, or to be activated on particular dates or after a particular length of time, often so that it has time to spread before being noticed," it said.

This malware can change your Android phone's PIN!

"Cyber criminals are becoming more and more like marketers, trying to use creative subject lines to have unsuspecting emails clicked and opened to spread malware," said Fatih Orhan, director of technology for Comodo Antispam Labs.

 

Leave a Comment