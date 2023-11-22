Amidst the growing interest in WhatsApp among Brazilians, scammers are taking advantage of this popularity using the messaging app as a bait to install viruses capable of diverting Pix transactions, conducting remote operations, and stealing sensitive data. The company itself acknowledges that Brazil is the country with the highest number of WhatsApp users.

Fake versions of this popular app have been implicated in some of the major online frauds reported Folha. This is not surprising given that WhatsApp has at least twice as many Google searches as the currently most searched social network, Instagram. In contrast, interest in competitor Telegram is ten times lower.

To avoid falling into traps, people should only download WhatsApp from official sources: the Play Store for Android users and the App Store for iPhone and other Apple devices.

One example of a dangerous fake version is the misspelled app “Watsap Web,” which serves as the lure for a link that installs a computer virus used to carry out Pix diversion scams through the copy-and-paste method.

Once the computer is infected, the malware spies on the victim until it detects an online purchase made with Pix —either scanning a QR code or copying a code. According to Kaspersky, the virus only works if the person chooses the copy-and-paste transfer method.

When someone copies the text, that snippet is stored in the computer’s memory, in a section called the “clipboard.” The malware then replaces the stored code with another one that directs the funds to the criminal’s account.

In the case of the “Watsap Web” virus, the link was removed from Google after receiving numerous reports.

If you encounter problematic links when searching on Google, you can report them through the “Feedback” option available in the “…” more options button. From there, you can describe your report and attach images.

The Pix diverting virus also targeted WhatsApp users on their mobile phones. The scam began with a notification promising an “Update to WhatsApp v2.5.” It is common for WhatsApp scams to make generic promises of improvements, such as “WhatsApp Blue” or “WhatsApp Pink,” among others.

Users who downloaded the “Update to WhatsApp v2.5” program found their devices compromised and vulnerable to a sudden change in the recipient of their Pix transactions.

The malware operates before the password request stage, with only a few tell-tale signs such as screen tremors and slow loading times. The scammers can swipe up to 95% of the account balance in a single attack.

Users should be aware that updates for WhatsApp are always downloaded under the same program name, and app stores offer the option to update, not install. Additionally, be suspicious of notifications from unknown addresses.

According to global cybersecurity company Kaspersky, malicious mobile applications were one of the main methods for online scams, with over 1.6 million blocked incidents their antivirus software in 2022.

“On the other hand, the protections to prevent these scams are also increasing, and scammers are already discussing the difficulty of publishing malicious apps on official stores. Given this context, we believe that new fraud schemes will be created, and they will become increasingly sophisticated,” says Alisa Kulishenko, a security expert at Kaspersky.

Here are some precautions to prevent falling victim to these scams:

– Regularly review the permissions of installed apps on your mobile phone.

– Carefully evaluate new program installations, especially when it comes to sensitive authorizations, such as accessibility services. For example, a flashlight app should only require access to the flashlight and not camera access.

– Install a reliable antivirus software to detect and remove attempts to install malware on your mobile phone.

– iPhone users have some privacy controls provided Apple and can block apps’ access to photos, contacts, and GPS.

– Always update the operating system and apps on your mobile phone. Many intrusions can be prevented making these updates.

