Common WhatsApp Scams

Now that WhatsApp has become the world’s most popular text messaging application, it has also become a popular venue for fraudsters. News reports indicate that there is now a wide variety of WhatsApp-based scams out there, some of which are quite clever.

https://blog.malwarebytes.org/wp-content/uploads/2015/03/whatsapp-scam.png

A WhatsApp Scam that invited users to send Malware to friends.

All WhatsApp users need to be aware of these ripoffs because they are increasingly sophisticated and common. Unfortunately, a lot of people do not become aware of these rackets until they get victimized by them.

Common WhatsApp Fraud Tactics

The best way to spot a WhatsApp scam is to become familiar with the tactics that the fraudsters use. The execution of these strategies often changes, but the basic tactics remain the same.

Some of the Most Popular WhatsApp Fraud Tactics Are:

Sponsored links
  • Malicious Links: This is a link added to a message that looks something like an update or a new app. It may tell you that your WhatsApp will not work if you click on it. The problem is the app might download spyware or add a service to your phone for which you could be billed hundreds of extra dollars.
  • The Fake Update: This is a message that looks like it is from WhatsApp. It might be offering a new version of solution or a new feature. The only problem is that what you really download is a malicious link that signs you up for services you do not want or steals your data. It might even contain a message that claims to be from a WhatsApp employee.

http://blogs.quickheal.com/wp/wp-content/uploads/2015/03/WhatsApp-Calling-Invitation-Scam_beware.png

  • The Premium Rate Message Scam: This is one of the fastest growing WhatsApp scams out there. It works like this: you get a message that says something like “this is Joe, please contact me about the job interview or the $500 prize.” When you respond, you get redirected to a premium rate message service for which you get billed. Instead of a free WhatsApp message, you end up paying to respond to the scam. Many of the predators behind this scam have their own messaging companies that charge many times the going rate.

http://www.onlinethreatalerts.com/article/2013/11/2/whatsapp-fake-or-hoax-messages-spreading-like-wildfire-again/0.jpg

  • Manipulating Web Traffic: This scam tries to send a lot of traffic to a website so the site’s owner can make large amounts of money from advertising solutions, such as Google AdSense. Google and similar services pay by the click; the more traffic, the more money. Many of these scams involve messages that claim a new WhatsApp feature is available for free at a certain website. Others might claim that there might be a tablet or a coupon available. The idea is to create a lot of traffic, sometimes to bill advertisers, sometimes to inflate the site’s value so they can sell it.
  • Browser Frauds: This is a message that claims you need to download a “special WhatsApp browser.” The problem is that the browser is really malware that is looking for your credit card or banking data.
  • Asking for your Phone Number: This is a fake message that claims to be from WhatsApp and asks for your phone number. Do not respond. WhatsApp never contacts users and asks for phone numbers; instead, the fraudster is trying to sign you up for a “premium service” that will add extra charges to your phone bill.
  • Message from a friend. This looks like an audio or other message from a friend that contains a malicious link. It may look like a real message and it may have a friend’s name on it. Fraudsters sometimes send these out after swiping somebody’s data. They may also simply send out a large amount of spam with a common name like Fred or Lucy on it, hoping that somebody will respond. Be leery of messages that do not look right or do not read as if your friend actually wrote them.
  • Fake Sext. This looks like it contains something erotic, but is really a malware delivery system. A good rule of thumb is to never open anything that looks the least bit erotic.

Notorious WhatsApp Scams

Now that we know the fraudsters’ tactics, we can take a look at some of their scams and see how they work. A few of the most pervasive WhatsApp frauds include:

http://blog.uptodown.com/wp-content/uploads/whatsapp-oro-fraude.jpg

  • WhatsApp Gold: Spain’s national police, the Civil Guard, claim that this racket raked in $5.58 million before they shut it down. The fraudsters sent out hundreds of fake SMS and WhatsApp messages. The messages prompted the victims to text a call center, where con artists were waiting to keep them on the line. The crooks then used a variation on the premium message scam to add hundreds of dollars to phone bills. The victims thought they were flirting with women. One victim found $2,230 in extra charges on his phone bill.
  • WhatsApp Plus Secure: This is a fake app that promises to enhance your WhatsApp often with new emoticons or tweaks. It actually installs malware and malicious links. News articles indicate that this app often promises to allow you to download bigger pictures of videos. Never accept a new app from a message. Instead, go to Google Play or the App Store and check for it there. If you do not see the app there, chances are it is not legitimate and should be avoided. If the app is for real, download the official version from Google Play, The Windows Store, or the App Store just to be safe.
  • WhatsApp Spy or WhatsApp Public. This is a fake app that claims it can show you how to spy on your contacts through WhatsApp. It is really a malware delivery system. It usually shows up as an advertisement in a message.

http://i1-news.softpedia-static.com/images/news2/WhatsApp-Scam-Emails-Distribute-Multi-Platform-Mobile-Threat-383072-2.png

  • WhatsApp Voicemail. This scheme involves a text that claims you have a new message on WhatsApp Voicemail. The only problem is that there is no WhatsApp Voicemail. Instead, what you open is – you guessed it – a malicious app. Be really careful because some of these messages may contain the names of real friends, coworkers, or family letters. It also may contain generic term such as “you have a new message from mom.”
  • Disable Double Check. This was a fake app that claimed to be able to turn off a controversial WhatsApp feature called double check. Those who clicked on the app got signed up for a premium messaging service.

The best way to avoid these scams is to be careful what you open. Try to avoid any message that contains a link or promises a contact of some sort.

Sponsored links