Phishing is the oldest and predominant type of cyber-attacks. The hacker sends malicious content through emails and text messages to the target. The target opens them unknowingly after which the whole system gets affected by the malware and lead to compromise. The success rates of phishing attacks is 50% because not everyone will open the link or attachment tagged with the content. But still these attacking techniques have taken down major organizations and led to financial crisis.
Recently, two of the companys working with the Italian government were draped by the public prosecutors, since they spread malware which infected millions of people through fake version of Whatsapp.
Since Whatsapp is a widely used media, there are many cyber threats rising against Whatsapp. There are even fake versions of different social media which are contaminated with malwares.
On February 2021, the prosecutors office in Naples released the order to block the surveillance services from SIO and Cy4gate. These companies were held responsible for spreading phishing malware through duplicate Whatsapp platforms. These malwares were also found to have the characteristics of spyware. When affected, it would pop a notification bar, which when tipped off would start the surveillance on the target’s device.
As allegations rose against their company, they formed a team to study their collaborations with their customers and whether any malware is being spread through clients.
These complaints were registered by the Italian government. So when these organizations were found to have a negative background, they were forced to dismiss their connection with the government as of pertinent law.
The cyber security officers in Italy mainly focus on evidences like wiretaps and spywares while investigating a cyber-attack. These records help them to find a way to reach the culprits. The major banned companies in Italy include Hacking Team, Negg, eSurv and now Cy4gate.
Nowadays mobile phones are used as an attacking agent to perform cyber-crimes, mainly phishing. As most of the advanced applications are available in mobile phones, the threat actors infect these applications to get access of the target’s mobile.
The Whatsapp phishing scams are increasing day by day. Instead of sending malicious attachments through emails, it’s now convenient for the hackers to send it through Whatsapp. Whatsapp has become an inevitable part of humans.
Since many email phishing attacks have been reported in the past, people have started to stay alert of suspicious emails. They are well equipped with threat detector softwares to protect their account. Due to this reason, the threat actors have turned to Whatsapp. Whatsapp is an easy way to reach multiple targets at a time.
It is easy for them to send links through Whatsapp, since there is no way to get doubted and also they will look legitimate. Till now Whatsapp has never released any feature to detect phishing links. So this is a golden opportunity for the cyber criminals and they are utilising it cunningly.
How can you detect a fake message in Whatsapp?
- Frequently forwarded messages
Whatsapp has a feature that helps you to forward messages from one recipient to other. While doing so Whatsapp indicates them by showing an arrow mark on top of the message. If the post or link is forwarded more than 5 times, instead of single arrow indication, double arrow will appear. If it is found to be forwarded many times, there are chances that it is a scam.
- Unrecognized number
When you receive message from strangers, check the authenticity of the sender. If you find anything suspicious about the message or the profile, ignore them. Do not open the attachment or link.
- Scams and suspicious links
The motive of a threat actor is to make you open the malicious link which leads to the compromise of your personal information. These links can look genuine. Some of the major links of Whatsapp scams include:
- Whatsapp gold
- Whatsapp expiration
- Shopping vouchers.
How to safeguard?
- Enable two step verification
- Never respond to strange messages or open the attachments send by them.
- Limit providing your personal information (like mobile number) in other social media platforms.
- Always check the genuinity of a message before forwarding them.
- Never join unnecessary groups.