A new scam uses fake WhatsApp security updates to steal user bank data. Fraud, which is widespread in misleading applications on the Google Play Store, uses cloned bank pages to trap passwords, tokens, and bank credentials through a malicious link. The action of malware, a program that has malicious intent, is able to access the victim's mobile phone in real time. In a 30-day monitoring period, more than 10,000 people were affected in Brazil. The scam was met by dfndr lab, PSafe's cybersecurity lab, last week.
How to tell if your WhatsApp is being cloned
Scam uses fake WhatsApp updates to steal bank data Photo: Anna Kellen Bull / dnetc
Want to buy a cell phone, TV and other discounted products? Meet the Compare dnetc
The malware is available for download as a supposed update to WhatsApp on Google's own official app store, the Play Store. After installing the application, the malicious tool prompts for user accessibility permission, but later obtains additional additional hidden and automatic access. After granting the necessary permissions, the victim displays a message about the completion of the alleged update.
In false update WhatsApp scam clones bank screens Photo: Playback / Techtudo. Edited by Adriano Ferreira
The program then monitors smartphone activities. When the user opens a bank application, the malware instantly displays a fake page on the screen, with identical true visual characteristics. In this way, the criminal software captures the device's display in real time and transmits the information to the criminals, as well as allowing them to interact with the victim's device remotely.
The dfndr lab warns that the biggest danger that the application icon is hidden in the smartphone making it difficult to uninstall the malicious program. According to the lab team, this is one of the most harmful malware ever developed, due to the invisibility of the app.
WhatsApp: Five Tips for Using the App Safely
I need to be careful when downloading apps. It is important to check if the app developer is the official brand in this case, WhatsApp Inc. If not the same company, it is very likely that this is a scam. Check links before deciding to click on it one which can prevent scams. In cases of promotions involving companies, simply access the official website of the brand using the web browser to confirm the veracity of the campaign.
Remember that malicious tools take advantage of WhatsApp's large user base, which is the world's most popular application, to reach and affect more people. Scams propagated by the messenger have been common. Recently, for example, cybercriminals spread across the app a message that promised free diamonds on Free Fire Battlegrounds to trick users into subscribing to YouTube channels. There was also a fake page impersonating cosmetic brands to steal personal data. In another case of misappropriation, the promise was for job openings at Cocoa Show and Havan and Samu.