03 October 25, 08:33
Quote: We discovered a new wave of attacks on WhatsApp users in which attackers steal victims’ accounts using fake voting pages and social engineering on social networks.
“Hi! My niece is in a contest! Can you vote for her? It means the world to her”. Messages like this are common on WhatsApp — both in groups and private chats. Many people who aren’t security-savvy will, without a second thought, click to help someone they don’t actually know — and end up losing their account. In a recent investigation we found a new phishing campaign that has already hit WhatsApp users worldwide.
Today we’ll explain how the attack works, the potential consequences for victims, and how to avoid falling for it.
How the attack works
Cybercriminals first prepare for the attack by creating convincing phishing pages purportedly hosting legitimate voting polls — in the example below for young gymnasts, though the scenario can be easily changed. The pages look genuine: they include photos of real participants, Vote buttons and counters showing how many people have voted. Likely using AI and phishing kits, the attackers easily produce multiple language versions of the same site — we found the identical poll in English, Spanish, German, Turkish, Danish, Bulgarian, and other languages.
Stage One: The Hook. On social networks, in messengers, or by email, the scammers use social engineering to direct you to a fake voting site. The pretext can be very believable, and the message may come from a friend or relative whose account has already been compromised. The request is usually personalized — in the first message the fraudster posing as your acquaintance asks you to vote for a certain contestant because they’re their charge, friend or relative.
First you’re lured to a fake voting page
Stage Two: The Trap. When you click Vote, you’re taken to a page that asks you to quickly authenticate via WhatsApp. All you need do is enter the phone number linked to your messenger.