New wave of scams on WhatsApp: How to avoid them?

June 24, 2024  20:05

In June 2024, more than 200 websites were discovered that were used to steal the WhatsApp accounts of residents of the Russian Federation under the guise of participating in various voting and photo contests. Ivan Lebedev, head of F.A.C.C.T's anti-phishing group, told Gazeta.Ru about this.

How does the mechanism work?

Potential victims receive links to phishing sites in messengers, social networks and e-mails. When following these links, people are required to authenticate to the contest service with their WhatsApp account. Two types of fraudulent pages are used for this: one that copies the WhatsApp login page, and the other that bears no visual resemblance to the messenger. 

The second type of resource often opens a whole new page that contains information about the project and rewards. Criminals motivate victims to participate in contests, the winners of which are promised iPhones, iPads, AirPods, premium subscriptions, cash prizes, social media popularity and high number of likes, etc. Scam pages often have an "Answers to your questions" section, where scammers assure users that participating in the given contest is completely safe. 

After authentication in the fraudulent resource, the victim loses access to his messenger account, which after stealing it, the criminals can send emails to the victim's contacts and ask for financial assistance for treatment or other purposes and trick them into extorting money. 

More than half of the detected fraudulent resources are located on the and technical domains owned by Cloudflare. Another part of domains is registered in .ru, .site, .store and other domains.

How to avoid?

Users are advised to enable the built-in security functions of WhatsApp messengers, such as two-factor authentication, check domain names of suspicious websites, codes received via SMS and push notifications, do not share bank card and personal information with others and do not enter them on third-party platforms, do not go through messages sent by strangers and with links that seem suspicious.

  • Archive