Connected media – Associated media
WhatsApp can be easy, the most important application there is. Already in Spain, where for years there has been, with different differences, the most used messaging system and, possibly, the most usual communication mechanism. Yes, of course, the criminals know it. For this reason, you intend to exploit it to cause problems for users and, if possible, steal money from them.
During the last few years it has been localized through the application of several different stafas campaigns. We explain how you can recognize them and avoid them.
When the SMS code appears
Lleva desarrollándose years and years. Criminals are sent through companies, institutions or even the application’s technical service to usually request a code that can be recovered via SMS. The excuses you use are very varied. Sometimes it says that the user has won a lottery. Others that your app account was hacked or that you’re undergoing a security review.
Sea like sea, in these cases it is normal to go and get the application’s authentication code, which the user receives via SMS when he is intent on opening the shift account on a new mobile phone. If you leave and do not keep the double-factor authentication option that WhatsApp offers activated, the user will lose your account. And you may be supplanted, then. Furthermore, in these cases, recovering it can be complicated, because it is not possible to directly contact the app from another party, and the process can be easy, in several days.
When you are offered a well-paid job
During the last few weeks, various malicious campaigns have been developed through messaging applications, including through Telegram and Signal, when criminals approach the user with job offers that are a chollo and where, presumably, pages that are offered are they are worth about 100 euros of diaries.
If the user has an interest in the offer, criminals will have to spend an amount of money to access the service. A place that, evidently, does not exist.
When you piden you see YouTube
Recently, electronic security company ESET warned of a version of this previous operation that criminals were offering money to change interaction with videos suffered on YouTube. Even if, at the beginning, the delincuentes cumplen and pagan, there is a moment in which it forces the user to subscribe to a sum in order to continue completing the work. Here I will recover all the inversion and with creces.
When a stranger says hello to you
You’ve probably spent more than one occasion. Open WhatsApp and you find yourself with a message in which only a ‘Hola’ (or a ‘Ciao’, in English) appears from an unknown and, normally, foreign number. In this type of campaign, criminals try to start a conversation with the victim about this, without letting them know, by sharing data such as place of residence or email. All with the aim of using this information in future phases.
Another classic. In these cases the criminals are passed by friends and relatives and told that they are in a foreign country and need money. There have also been times when the problem is in the airport or says that he changed the victim’s cell phone. Many excuses are possible, but the final goal is always the same thing: money.
Tricks to avoid it
In the vast majority of cases, this type of operation is carried out from there unknown telephone numbers and in many cases even strangers. If the user receives a message from someone who is not present in the contact list, he should be notified and discouraged from the first. In these cases, if the only one who says is «Hola, qué tal», the best is not to answer and, directly, block.
The same applies to them generic messages about the one that simply tells you that they are your mother, your daughter or your sobrina to pay money. In these cases, on occasions, you may have some doubts about the veracity of the communication, but cyber security experts recommend verifying the veracity of the message elsewhere. For example with a real call to the phone of the person you are supposedly trying to contact.
As it happens, you don’t have to send money unless you’re completely convinced that it’s not a story, because malicious campaigns of this type have been very common for years.
Y the same step with requesting required codes via SMS. There is no need to ever share it, because there is no company that requests data in this way through WhatsApp. In this case, the user must also be alert, because when criminals steal the account from someone who is used to trying to reach their contacts. Therefore, if someone puts a key that connects to the message, even if it is an acquaintance, they have to look closely at what is before passing it.
Related media – Associated media