Quadra

Connecting Technology and Business.

Spam, Hoax and Phishing Messages

Unwanted messages come in many forms, such as spam, hoax and phishing messages. Phishing Scams come in many varieties. Some are personalized, i.e. ‘spearphishing’, but most are sent out to the widest possible distribution. All these types of messages are broadly defined as unsolicited messages that try to deceive you and prompt you to act in a certain way.

You may be the target of a deceptive scheme if any of the following describes a message you receive, via messaging apps like WhatsApp or email:

  • The sender claims to be affiliated with the messaging app / WhatsApp.

  • The message content includes instructions to forward the message.

  • The message claims you can avoid punishment, like account suspension, if you forward the message.

The message content includes a reward or gift, such as an extended or free subscription. Please note, most of these app vendors work on a yearly service subscription model.

Beware of Phishing Scams that Spoof Legitimate Web sites

One phishing email in particular is circulating the internet disguised as a notification from the popular messaging service, WhatsApp. This message looks legitimate. Of course, one sure way to tell it is fake is if you do not have a WhatsApp account. (WhatsApp says in its official page that it does not use WhatsApp to send messages to you. It also states that it also does not send its users emails about chats, voice messages, payment, changes, photos, or videos.

You can also hover your mouse over the button and see what URL it will take you to without actually clicking on it. The links embedded in the email direct your browser to a malicious or compromised website run by hackers. Once you’re on the malicious site, malware is downloaded to your computer.

Don’t Click the Links! – Dangerous Downloads

As you can see in this example, the button wants to take you to livetonline.com, a website that has no affiliation with WhatsApp. If you click the ‘Play’ button or any of the links contained in the email, your computer may become infected. The link will takes you to a webpage that is telling you that you need to download Adobe Flash Player before you can see the message. If you already have Flash installed, especially the latest version, this should be another tip-off that this is a scam. (Mac and iOS users cannot be affected by this, as it downloads an executable (.exe) file, which only runs on Windows. The file most likely contains a virus, but Apple products are not affected).

This strategic and clever tactic is typical. These scam emails started appearing only one week after WhatsApp launched its web client. Before that, there were similar phishing scams circulating, appearing to have come from a WhatsApp mobile user. However, the timing of these new scams makes them seem more legitimate.

This is just one particular example. There have been other emails circulating around that look identical or very similar to the one above, though they may try to get you to download something else malicious, or even display a login page to collect your email address and password (this is a phishing attempt).

Kuluoz is one of the malware downloads associated with such a phishing scam. Kuluoz is a Windows targeted virus designed to stealing documents in Microsoft Word and Excel format. It is also capable of stealing all passwords stored in popular browsers like Firefox and Opera.

The Android mobile platform

Because of its popularity, the Android mobile platform has become an extremely profitable target for malware creators. Many times Android targeted malware is distributed through phishing scams. Malware sites associated with the ‘WhatsApp Messaging Service phishing scam’ can detect Android users and download a virus targeted at Android mobile devices. One such virus is droidFennec.out. The droidFennec.out virus allows an attacker to send text messages, make phone calls and access the internet using your device. The droidFennec.out virus can also enable permissions which would allow a hacker to make payments using your accounts.

What to do if I receive these messages

Prevention is the Best Cure.

Block the sender, disregard the message and delete it. To avoid exposing your contacts to potential harm, please never forward these messages to them.  

If you think that your computer may be compromised, go to the Microsoft Malware Protection Center for information on how to detect and remove the threat.

A necessary defense against this type of threat is antivirus software. Android users should ALWAYS run antivirus software to help defend against the increasing threat of infection posed by Android targeted malware.

Malicious attackers are becoming more skilled at ‘spoofing’ legitimate emails and websites. If you receive an email notification from a website, go to the site by typing the URL in the address bar of the browser yourself! If the message is from a website for which you have no account or you think it may be fake, simply ignore it.

Loading