WhatsApp users across the world are being urged not to click on a new spam message which teases an option to customize the app.
The message, which was first spotted by reddit user yuexist, states that, “Now you can change your WhatsApp and leave it with your favourite colour.”
The
spammer used non-ASCII characters rather than ASCII to look identical
to its "whatsapp.com" counterpart. This fueled the adware's supposed
legitimacy. Thus, WhatsApp users may see a whatsapp.com URL and think
it's legitimate, but it's really with Cyrillic characters instead of its ASCII equivalents.
After
clicking on the fake WhatsApp link, the user is commanded to share the
link with multiple other groups to verify identity. After sharing, the
user unknowingly spams more groups of people. Then, the adware forces
you to install a series of its spam apps onto your phone.
Now, you
have just installed the adware. After installing the adware, do you get
to change your WhatsApp to the color of your choice? Nope.
Once
you’ve ‘verified’ yourself, you’re then told that WhatsApp’s colors can
only be accessed on a desktop, and are asked to install an extension
from the real Chrome Web Store called BlackWhats (Google has removed this extension from the Chrome Web Store).
There
are plenty of WhatsApp users who don’t spend their time on tech blogs
and might fall for it – the fake URL is certainly convincing enough at
first glance. The extension itself has over 16,000 users and a 4 star
rating from 55 ratings, though there are only 3 text reviews – it’s hard
to tell if these ratings are somehow fake.
Though spreading has
been halted by removing the extension now, one should be careful while
opening web link received in messaging app as well as email. We all are
aware of the ‘Wannacry‘ ransomware that has put a large number of computer systems at risk all around the globe over the last weekend.
No comments:
Post a Comment