Criminals are increasingly looking for innovation when committing their scams and one of the main targets these days is WhatsApp. As you know, the application is currently used by a large part of the population as a communication tool, but also to pay bills, buy products and hire services, scammers take advantage of certain situations to commit fraud.
João Zabrieszach, security expert at Compare and save, highlighted the most common scams applied through the app. It also warns how you can avoid becoming a victim.
First, he explains that as soon as a person downloads and saves their number in the app, Whatsapp automatically sends an SMS to the cell phone with a code. This number is used to confirm that this device is authorized to open the messaging application from this phone number.
According to Zabrieszach, this is precisely to ensure that the Whatsapp profile is opened on the user’s mobile phone and not on another device. This code must remain confidential and must never be transmitted.
From there, he says there are two main scams: when criminals need the authorization code to duplicate the victim’s profile; and when they send messages with links to fake apps that infect the cellphone.
From then on, according to the expert, variants of the fraud emerged. See the main scams below:
For most scams to work, criminals need to impersonate someone else, so ideally they’re “stealing” someone’s account. In this way, they gain access to the victim’s entire network of contacts.
Therefore, the criminals use different strategies to send messages to the targets and thus get the profile confirmation code and be able to open the account on another device. For this they:
- They claim that the victim has won tickets for an event (show, show, football, restaurant, etc.) and he needs the confirmation code sent by SMS;
- They claim to be a clothing brand and that the victim has won a discount and they need the confirmation code to activate it;
- If they go through a government agency that needs a code sent by SMS to confirm the data for a procedure. An example: confirm the date and place of vaccination, at the time of the pandemic.
After getting the confirmation code, crooks can take over this profile.
Zabrieszach points out that the money order scam is one of the most common. In it, the criminals send a message to the victim as if they were a friend or acquaintance asking for financial assistance or, in some cases, a document, such as a passport or bank details. .
However, many times a number sends a message saying they are a friend, but it does not say who they are. What the criminal does is “throw a green card” and wait for the user to guess who the person is and from there the scammer impersonates them and starts the whole process of creating a story in which the objective is to obtain money or money .private information.
This is one of the most direct scams, because, probably, the criminal has already duplicated the account of a contact of the victim. The guideline is always to confirm the identity of the person you are talking to before making any financial transaction.
Job offer scam
Another very common WhatsApp scam these days is so-called job vacancies. Typically, criminals post an “official” photo and the name of a company and send a message requesting data about the victim in order to provide employment information or confirm that the person got the job.
Sometimes they also send links allowing the person to access the form and are in fact pages that lead to viruses or malicious applications.
Data from security firm PSafe shows that between September 2021 and February 2022, there were more than 600,000 fraud attempts in the country, an average of 120,000 per month. The offers, with very attractive salaries, are nothing but a scam that is claiming more and more victims and it’s no wonder: every minute two fake job offers are sent by messages to Brazilians .
Thus, you have to be very careful when clicking on unknown links and also be wary of very attractive job offers, especially when the person has not even applied.
Criminals also take advantage of holidays such as Christmas, Mother’s Day, Black Friday, and send messages impersonating famous brands with links that provide access to discounts and promotions.
In this scam, the user clicks on the link and is sent to a page with adware that infects the cell phone with advertisements.
Forwarded messages are also a way for criminals to spread their contaminated links to thousands of people. Through a news item that multiplies, they put a malicious link in the middle of the message and thus manage to reach many more victims.
Because it’s a strategy that involves controversial and current news and everyone’s interest, this coup usually happens around election time, when fake news runs rampant in Whatsapp groups.
How to protect two shots?
Zabrieszach stresses that it is important to recognize scams to avoid falling victim to them, but also warns that the user should always be suspicious of any message that is unknown or with suspicious content.
First, the trick is to enable double check, in which the user creates a PIN, which is a six-digit password. From time to time, the application requests this data.
After that, if the owner of that account notices something wrong in a message, they can report it to WhatsApp, in the app itself, in addition to blocking the contact they sent.
According to the expert, when the report is made, WhatsApp receives the ID of the reported user or group, as well as information about when the message was sent and the type of message – such as an image, a video or text. In addition, the application receives the last five messages exchanged between the victim and the accused.
According to information from official app websiteaccounts that violate the Terms of Service may be banned.
In addition to filing a complaint with the app itself, the victim is advised to contact contact the civil police and report the case to the Specialized Police in the Repression of Cybercrime (Dercc).