A kit from Boticrio for Valentine's Day baits a new scam that circulates in WhatsApp messages. The DFNDR Security application blocked the malicious link, which accompanies the content, on more than 40,000 cell phones in the past 24 hours. Hackers take advantage of the date to offer branded perfumes to those who answer a questionnaire and share the link with friends. The trick is at the end, when the page requests to download an app that is actually a virus. Better understand how the trap works and learn how to prevent scams of this type.
WhatsApp coup uses chain with fake O Boticrio promotion Photo: Anna Kellen Bull / dnetc
List brings more common scams on the Internet; know how to protect yourself
When clicking on the malicious link, the user is faced with an apparently official page of the brand. To win the supposed perfume kit, you need to answer three questions: Would you like to win a male or female kit ?; The kit for own use or gift for the boyfriend ?; Would you recommend our promotion to friends or family?
Regardless of the answers chosen, the user is directed to a second page that requests to share the link with 30 friends or groups on WhatsApp. After sending, the victim is redirected again, this time to download malware that infects the cell phone. The attack also takes advantage of permissions granted by the user in previous scams to issue notifications in the browser, which becomes another agent for distributing the link.
Fake O Boticrio page downloads virus at the end of the questionnaire Photo: Reproduction / DFNDR Lab
It is not the first time that the brand O Boticrio is used in scams on WhatsApp. In February, a similar fake promotion used the same device to attract victims to an online questionnaire. At the time, there was no detection of malware downloads or the spread of the malicious link through notifications from the mobile browser.
In the previous case, the cosmetics chain confirmed to dnetc that there was an official offer along the lines of a chain, but acknowledged the existence of fake links imitating the campaign. The company recommended that users should access official channels to answer questions about current promotions and not fall into the trap.
Other scams on WhatsApp
The high popularity of WhatsApp, with around 120 million active users per month in Brazil alone, stimulates the distribution of scams by the messenger. Commemorative dates are usually deceitful for false promotions in the application, with episodes already occurred on the occasion of Easter and Women's Day.
Another incident involved the World Cup album in a false promise of free stickers. Another more recent attempt ensured the delivery of movie tickets to anyone who shared links with friends. The mode of operation tends to be the same: distribute fake texts with links to sites outside WhatsApp that are responsible for ending the fraud.
Scams do not use official brand addresses in the message Photo: Reproduo / DFNDR Lab
To avoid being a victim, it is necessary not to click on suspicious links that do not reflect the official website of the brand involved. In the most recent case involving O Boticrio, criminals use an address ending in .top in place of the traditional or .br. Among other essential tips to not fall for WhatsApp scams, it is also important to check the veracity of a promotion before clicking or sharing.
Any suggestion of anti phishing free? Take your questions in the dnetc Forum.
WhatsApp: how to notify friends about cell phone change