Be careful! There could be a WhatsApp phishing scam in your inbox


Hackers and scammers are getting trickier these days. Their latest attempt to trick you into downloading malware that will infect your PC and give them access to personal information or possibly control over your computer is to masquerade as WhatsApp.

If you see an e-mail in your inbox from WhatsApp, it’s best to ignore it. Taking a look at the address that the e-mail is actually from shows that it’s not legitimate. These e-mails have featured a subject line that informs you that you have an audio message or file to listen to.

Another distinguishing feature of the subject line is that it contains a random assortment of characters at the end. The Comodo Antispam Labs team says that this is “robably used for encoding some data, to identify the recipient(s).”

These e-mails also feature a compressed ZIP file. This is the means of delivering the malware to your computer, so do not attempt to download it.

“Cybercriminals are becoming more and more like marketers – trying to use creative subject lines to have unsuspecting emails be clicked and opened to spread malware,” said Fatih Orhan, Director of Technology for Comodo and the Comodo Antispam Labs.  “As a company, Comodo is working diligently in creating innovative technology solutions that stay a step ahead of the cybercriminals, protect and secure endpoints, and keep enterprises and IT environments safe.”

Cybercriminals are getting sneakier in their attacks, but you can keep your computer and your personal data safe by bearing a couple of things in mind:

  • Don’t click on links to “your account,” even if the e-mail looks legitimate – visit the website instead and access your account manually. Cybercriminals have managed to replicate company e-mails and even landing pages just to get your details.
  • Don’t download files unless from a trusted and verified source. This is the easiest way for someone to infect your system, so don’t give them easy access.
  • Check the address that an e-mail has been sent from. Typically, even if the FROM field on your mail preview page looks legitimate, all becomes clear when the e-mail address is spelled out. Remember, eBay is unlikely to be e-mailing you from a Gmail account.
Author Image

Posts from the Harvey Norman blog team.

You may also like...