WHATSAPP users are being targeted by cybercriminals, who appear to have unearthed a new way to steal online bank account details. Here’s everything you need to know about the new hack, and how to avoid the scam.
WhatsApp users should be careful to avoid a new scam that attempts to steal your bank account login details.
Hackers are targeting unsuspecting users with a mobile virus that is distributed via legitimate-looking Word documents sent inside WhatsApp (provided the chat app still works).
Once opened, these documents are capable of siphoning sensitive information from users, including online banking credentials and other personal data.
The virus has also been disguised as a Microsoft Excel or PDF file, according to users.
So far, the technique has only been demonstrated in India, with the malicious files bearing the names of the NDA (National Defence Academy) and NIA (National Investigation Agency) to try and lure WhatsApp users into downloading and opening the virus-laced files.
According to a report by the Economic Times, central security services in India have issued a notification to the NDA and NIA, since it is believed the WhatsApp attacks are attempts to target people in uniform.
Officials told the publication, “As these two organisations are very popular and known within the country and abroad and there is a curiosity about them, it is possible that it may affect the mobile phones of people interested in these subjects.
“However, it has been analysed that the men and women in defence, paramilitary and police forces could be the target groups.”
The virus is purportedly able to access personal data stored on the smartphone, including banking credentials and PIN codes.
This is not the first time cybercriminals have used WhatsApp to target users.
Last year, WhatsApp users in the UK were warned about a new scam message that claimed to offer users a free £100 voucher from supermarket firm Sainsbury’s.
Worse still, the scam message appeared as if it was forwarded by someone within your contacts – such as a friend or family member.
However the recipient name was actually a fake designed to trick WhatsApp users into trusting the web address for the alleged £100 Sainsbury’s voucher.
The messages reads: “Hey have you heard about this?
“Sainsbury’s is giving away £100 gift cards. They are expanding their store network and they launched this promotion.
“Grab a gift card while its lasts. I got mine already.” (sic)
The Facebook-owned app was recently praised by Amnesty International, which dubbed the Facebook-owned instant messenger as the “most secure” platform available to consumers.
But not everyone was convinced by the praise.
According to Amnesty International, the chat app, which uses end-to-end encryption by default, was closely followed by Apple’s iMessage and FaceTime, and Telegram.
However it is still possible to become the victim of a scam – like the above – within these secure apps.
WhatsApp is aware that spam messages manage to make their way onto its secure platform.
According to the hugely-successful firm, “We work diligently to reduce any spam messages that come through our system.
“Creating a safe space for users to communicate with one another is a priority.
“However, just like regular SMS or phone calls, it is possible for other WhatsApp users who have your phone number to contact you.
“Thus, we want to help you identify and handle these messages.
“Unwanted messages from unauthorised third parties come in many forms, such as spam, hoax and phishing messages.
“All these types of messages are broadly defined as unsolicited messages from unauthorised third parties that try to deceive you and prompt you to act in a certain way.”