UK +44 (0) 1225 290210 [email protected]

Another whatsapp scam

Posted: 19/04/2017

19 April 2017 - RPS Partnership

Every week brings us a new cyber scam. We wanted to let you know about this one, as we all use whatsapp on a daily basis. Contact us if we can help you. We have cyber experts who can advise, train and assist you to not fall foul of these scams. Contact us on [email protected]

Scam of the Week: It's Not a WhatsApp Voice Mail!

You probably know that the Eastern European cyber mafia does their beta testing in the United Kingdom, before they "export" their criminal campaigns to America.

Here is a warning about a social engineering phish that was spotted in Ireland and one which your users may receive in their inbox in the near future.

Warn them ahead of time!

ESET Ireland warned: "A dangerous email spam message is dropping into Irish mailboxes, pretending to come from WhatsApp. Its subject says “Missed voicemail” and the content of the mail just says “New voicemessage” and has a link called “Play”.

Clicking on the link will begin the download of a trojan that ESET detects as “JS/Kryptik.BBC”, a variant of malware first detected in August 2016.

JS/Kryptik is a generic detection of malicious obfuscated JavaScript code embedded in HTML pages that usually redirects the browser to a malicious URL or implements a specific exploit and can cause ransomware and other malware infections."

We suggest you send the following to your employees, friends, and family. Feel free to copy, paste, and/or edit:

"Criminal hackers are constantly trying to trick people into clicking on links or open attachments they did not ask for. Their new "scam of the week" is to send you an email that looks like it comes from WhatsApp and claims it is a voice mail left for you. It's not!!!!!

Do not click on the "Play" button. If you do, your computer will get infected with malware which can cause your identity to get stolen, or all your (or the organization's) files held for ransom.

Here is a general safety rule: Instead of clicking a link in an unverified email claiming it’s from WhatsApp (or any other social media) log in to your WhatsApp account the standard way instead and check for any messages there.

Remember: "When in doubt, throw it out!"

Blog post with screenshot here: https://blog.knowbe4.com/scam-of-the-week-its-not-a-whatsapp-voice-mail

Contact us for any information or advice if you are not sure. [email protected]

Back to News List
Back To Top Legal Notices
UK +44 (0) 1225 290210 [email protected]