A new phishing campaign is targeting WhatsApp users to lure them to install malware that steals information on their devices via email.According to a recent report, the campaign Targeting at least 27,655 email addresses It also leverages WhatsApp’s voice messaging feature (which recently received new features) to spread malware that can steal sensitive user information, such as account credentials stored in browsers and applications. Read below for more information.
Beware of this WhatsApp phishing campaign!
Recent report by Bleeping ComputerQuoting Armorblox cybersecurity researchers, threat actors impersonating the WhatsApp team are sending emails containing malware to WhatsApp users.Infected emails arrive as new notifications “Private voice mail” In WhatsApp, the sender uses an email address that belongs to the Traffic Safety Center in the Moscow region.
Reports show that an attacker has somehow abused a domain to use an email address.When Phishing emails are not blocked or flagged by the built-in email security solution because email addresses look legal and authentic at first glance. It is considered one of the major issues facing such email-based phishing campaigns.
In the email Preview of “Private Voice Mail” There is a play button at the bottom. Clicking this button will take the user to a malicious website and further ask for their permission to allow in-browser notifications. The website attempts to trick the user into clicking the “Allow” button by displaying a prompt as a capture to see if the user is a robot. Click this button to In-browser notifications, This makes users targeted for fraudulent, adult site and malware ads. In their browser.
Also, if you click the allow button, The website encourages users to download the package. In this case, this is a malware tool that steals information... Once the user installs the tool on the device, an attacker can steal personal information, bank credentials, crypto wallet details, SSH keys, or locally stored files.
How to avoid WhatsApp phishing attacks?
Currently, emails containing malware go through various security solutions and use tricks to guide users to install malware tools, but there are some clear tips that reveal the true agenda. First, WhatsApp Do not send individual emails to notify you about voice messages.. Notifications are sent directly from the app to the user’s system notification panel.
Secondly, No WhatsApp logo Or something to make sure it’s a legitimate WhatsApp message In the email preview. In addition, email addresses and website URLs have nothing to do with WhatsApp. And third, you don’t need to download any additional programs to listen to simple WhatsApp voice messages.
These are just some of the clear warning signs that users need to be aware of when working with such phishing emails. Therefore, if you encounter such an email in your inbox, please delete it and report it to the sender immediately.