Criminals increasingly seek to innovate when committing their scams and one of the main targets these days is WhatsApp. As you know that the application is currently used by a large part of the population as a communication tool, but also to pay bills, buy products and hire services, scammers take advantage of some situations to commit fraud.
João Zabrieszach, a security specialist at Compara e Poupa, highlighted the most common scams that are applied through the application. It also warns how you can avoid becoming a victim.
First, he explains that as soon as a person downloads and registers their number in the app, Whatsapp automatically sends an SMS to the cell phone with a code. This number serves to confirm that this device is authorized to open the messaging application from that phone number.
According to Zabrieszach, this is precisely to ensure that the Whatsapp profile is being opened on the user’s cell phone and not on another device. This code must be kept confidential and must never be passed on.
From there, he says there are two main scams: when criminals need the authorization code to duplicate the victim’s profile; and when they send messages with links to fake apps that infect the cell phone.
From then on, according to the expert, variations of fraud emerged. See the main scams below:
For most scams to work, criminals need to impersonate someone else, so ideally they “steal” someone’s account. In this way, they gain access to the victim’s entire network of contacts.
Therefore, criminals use different strategies when sending messages to the targets and, thus, obtaining the profile confirmation code and being able to open the account on another device. For this they:
- Pretend that the victim won tickets to some event (show, show, football, restaurant, etc.) and that he needs the confirmation code sent by SMS;
- They pretend to be a clothing brand and that the victim has won a discount and that they need the confirmation code to activate it;
- If they go through a government agency that needs a code sent by SMS to confirm data about a procedure. An example: confirm the date and place of vaccination, at the time of the pandemic.
After getting the confirmation code, scammers are able to take over that profile.
Zabrieszach recalls that the money order scam is one of the most common. In it, criminals send a message to the victim as if they were a friend or acquaintance asking for financial help, or in some cases, some document, such as a passport or bank details.
However, many times a number sends a message saying it is a friend, but it does not say who it is. What the criminal does is “throw a green card” and wait for the user to guess who the person is and, from there, the scammer impersonates him and starts the whole process of creating a story in which the objective is to get money or money. private information.
This is one of the most direct scams, because, probably, the criminal has already duplicated the account of some contact of the victim. The guideline is always to confirm the identity of the person you are talking to before making any financial transaction.
Job vacancy scam
Another very common WhatsApp scam these days is the alleged job vacancies. Typically, criminals post an “official” photo and name of a company and send a message requesting victim data as a way to fill in job information or confirm that the person got the job.
Sometimes they also send links for the person to access the form and are actually pages that lead to viruses or malicious applications.
Data from security company PSafe shows that between September 2021 and February 2022 there were more than 600,000 fraud attempts in the country, an average of 120,000 per month. The offers, with very attractive salaries, are nothing more than a scam that has made more and more victims and it’s no wonder: every minute, two fake vacancies are sent by messages to Brazilians.
Thus, it is necessary to be very careful when clicking on unknown links and also to be suspicious of very attractive job offers, especially when the person has not even applied.
Criminals also take advantage of holidays such as Christmas, Mother’s Day, Black Friday, and send messages posing as famous brands with links that give access to discounts and promotions.
In this scam, the user clicks on the link and is sent to a page with adware that contaminates the cell phone with advertisements.
Forwarded messages are also a way for criminals to spread their tainted links to thousands of people. Through a news item that is on the rise, they put a malicious link in the middle of the message and, in this way, manage to reach many more victims.
Because it is a strategy that involves controversial, current news and everyone’s interest, this coup usually occurs during election times, where fake news runs rampant in Whatsapp groups.
How to protect yourself from scams?
Zabrieszach points out that it is important to recognize scams to avoid becoming a victim, but also warns that the user should always be suspicious of any unknown message or with some suspicious content.
First, the tip is to activate double verification, in which the user creates a PIN, which is a six-digit password. From time to time the application requests this data.
After that, if the owner of that account notices something wrong in a message, he can report it to WhatsApp, in the application itself, in addition to blocking the contact he sent.
According to the expert, when the report is made, WhatsApp receives the ID of the user or group reported, and information about when the message was sent and about the type of message – such as image, video or text. In addition, the application receives the last five messages exchanged between the victim and the accused.
According to information on the app’s official website, accounts that are identified as violating the Terms of Service may be banned.
In addition to making a complaint to the application itself, the orientation is for the victim to contact the Civil Police and report the case to the Police Specialized in Repression of Cyber Crimes (Dercc).