Cybercriminals target WhatsApp with fearsome new scam

Cybercriminals target WhatsApp with fearsome new scam
Cybercriminals target WhatsApp with fearsome new scam

German WhatsApp users — and others! — must be extra vigilant. A new phishing scam, spotted on Reddit, is spreading in particular in Germany, using a formidable trick: scammers send fraudulent messages by spoofing the official WhatsApp number. This number, normally reserved for sending verification codes, allows these fake messages to slip just below the real app notifications in the SMS list.

False message, real danger

The trap is simple but effective: the message invites the victim to click on a link which redirects to a page imitating that of WhatsApp. On this page, a fake chatbot, presented as “online customer service”, engages in a reassuring conversation in perfect German. But behind this facade lies a skillful maneuver to gain access to the user's account.

© EmPiFree

The chatbot guides its victim step by step, asking them to access their WhatsApp settings to “link a new device”. He then invites him to use a little-known option: association via telephone number, instead of the classic QR code scan. To complete this operation, the bot provides a six-digit “security code”, which is supposed to be entered into the application. In reality, this process gives fraudsters full access to their victim's WhatsApp account, allowing them to read and send messages without their knowledge.

This method hijacks a very real and useful feature of WhatsApp, originally designed to allow users to connect their account to a browser or other device. Unfortunately, scammers exploit this option to their advantage through psychological manipulation tactics.

To avoid unpleasant surprises, regularly check the devices connected to your WhatsApp account. In the app menu, under the “Linked Devices” option, be sure to remove any devices that you are no longer actively using. This is the first step to locking your account.

Also, be wary of messages that contain links or ask you to perform “security checks.” Even if the sender's number appears legitimate, take the time to verify the address of the proposed site. If it differs even in one detail from that of WhatsApp (whatsapp.com), there is a good chance that it is a phishing.

Finally, remember that WhatsApp will never ask you to link a device or perform security checks via message. And if a request seems suspicious to you, it is better to ignore the message or report it directly to the platform. When in doubt, beware: appearances can sometimes be deceiving, but with a little caution you will keep your data safe.

???? To not miss any news on the Journal du Geek, subscribe on Google News. And if you love us, we have a newsletter every morning.

-

-

PREV “Black carbon”, a super pollutant of the climate and the atmosphere
NEXT Google Pixel 10: First phone case reportedly gives first look at camera design