Scammers have used Brazilians’ interest in WhatsApp as bait to install viruses capable of diverting Pix, carrying out remote operations and stealing data. The company itself recognizes that Brazil is the country of this chat application.
Fake versions of Brazilians’ favorite app are behind some of the main online frauds reported by Sheet. Not without reason, as the messaging app has at least twice as many searches on Google as the most searched social network in the world today, Instagram. Interest in competitor Telegram is ten times less.
To avoid falling into traps, people need to only use safe sources to install WhatsApp. These are the official stores: Play Store, in the case of Android, and App Store, in the case of iPhone and other Apple devices.
The application with the wrong spelling “Watsap Web”, for example, was the decoy of the link that installs the computer virus used to carry out a scam that diverts Pix in copy and paste mode.
On infected computers, the program spies on the victim for a while until it detects the moment of online purchase via Pix — made by scanning a QR Code or copying a code. According to Kaspersky, the virus only works if the person chooses the copy and paste transfer.
When someone copies the text, this part is stored in the computer’s memory, in the so-called “clipboard”. The malware then exchanges the saved code for another, whose destination is the criminal’s account.
In the case of “Watsap Web”, the link was deindexed from Google, after the search engine received complaints.
If you find problematic links in Google searches, you can alert the company, using the “Feedback” option, available in the more options (“…”) button. There, the user can describe their report and attach images.
In the case of the virus that automatically diverts Pix on cell phones, the bait was also WhatsApp. The fraud started in a notification promising “Whats App v2.5 Update”. It is common for scams involving WhatsApp to make promises of generic improvements, such as “Blue WhatsApp”, “Pink WhatsApp” or different versions.
In this case, whoever downloaded the “Whats App v2.5 Update” program had their device compromised and vulnerable to a sudden change in the Pix recipient.
The malware operates in the step before the password request — the few signs are screen shakes and slow loading times. Scammers take up to 95% of the account balance in a single scam.
Users should be careful: updates are always downloaded under the name of the same program (WhatsApp, in this case), and app stores offer the option to update, not install. Also, be wary of notifications from unknown addresses.
A global survey by cybersecurity company Kaspersky shows that malicious mobile applications were one of the main types of online scams, with more than 1.6 million incidents blocked by antivirus alone in 2022.
“On the other hand, protections to avoid them are also on the rise and scammers are already commenting on the difficulty of being able to publish malicious apps in official stores. Given this context, we believe that new fraud schemes will be created, and they will be increasingly increasingly sophisticated”, says Alisa Kulishenko, security specialist at Kaspersky.
Here are precautions to avoid this scam:
- Periodically review the permissions of apps installed on your cell phone
- Carefully evaluate before installing new programs, especially when it comes to sensitive authorizations, such as the use of accessibility services. For example, the only permission a flashlight needs to have is flashlight access – and that doesn’t include camera access
- Install a reliable antivirus to detect and remove malware installation attempts on your cell phone
- iPhone owners have some privacy controls provided by Apple and can block apps from accessing photos, contacts and GPS
- Always update your cell phone’s operating system and applications. Many hacks can be prevented by making these fixes
Brazil is the global leader in fake link scams on WhatsApp
The Brazilian was the most targeted target in the world in scams with fake links on WhatsApp in 2022, according to a report from consultancy Kaspersky. The cybersecurity company identified 76,000 attempts at this fraud in the country last year alone.
Scammers use popular themes as bait to trick people into sharing personal data — the scam is called phishing, in reference to fishing. This information is used in other financial frauds: online purchasing, creating orange accounts, among other crimes.
Furthermore, in the state of São Paulo alone, at least 9,645 people suffered scams on WhatsApp, among the more than 75 thousand cases of digital fraud and cell phone hacking registered in the state of São Paulo.
The platform is the most cited, ahead of Instagram (8,061), Facebook (1,229), “messaging apps” (1,083) and dating apps (75).
Data on the 75,102 cases of cell phone hacking and other digital crimes in the state of São Paulo between January 2019 and April this year were obtained by Sheet via the Access to Information Law.