By Jamie McKane for MyBroadband
WhatsApp has become the most prominent messaging platform across many parts of the world, offering a range of features which enable faster and more convenient communication.
The application also boasts impressive security, with end-to-end encryption delivering secure communication.
Due to its high rate of adoption, however, it has also become a targeted platform for scammers and attacks which aim to either compromise the user’s details or infect their device with malware.
The nature of these scams and attacks is constantly evolving, but we have listed five of the most prominent and dangerous scams currently in circulation below.
SIM-swop fraud is one of the biggest threats to South African WhatsApp users, considering the meteoric rise in the number of cases reported over the last year.
By committing SIM-swop fraud and taking ownership of your number, a user can easily and instantly install WhatsApp on their own smartphone and log in with your account.
The two-factor authentication message will be sent to the number used to log in, which the attacker will now have access to.
From here, they can easily scam your contacts to divulge information or send them money by impersonating you.
This type of attack is also a serious threat to the security of platforms which use SMS two-factor authentication – including many banking apps.
Users should check immediately with their cellphone provider if reception on their cellphone is lost for no apparent reason, as this is the first sign that SIM-swop fraud has been committed.
This type of scam is spread through compromised accounts, and usually comes from a known contact who has had their account compromised.
Victims will receive a message from a user in their WhatsApp contact list who asks them to send them their WhatsApp verification code.
If they do this, scammers will have access to everything they need to access the user’s Whatsapp account and will take over their number.
From the compromised profile, scammers will either ask the victim’s contacts for verification codes to access their profile or they will pose as the victim and ask for mobile money payments.
The easiest way to avoid this scam is to never divulge your WhatsApp verification code and be wary about sending your contacts money if they are acting strangely over WhatsApp.
WhatsApp Gold is a well-known hoax which has been around for years, although it still seems to resurface occasionally and catches out many people.
The scam is a simple phishing attack which comprises hoax messages stating that WhatsApp has launched a new upgraded messaging service called WhatsApp Gold.
Often this premium version is advertised as free and including features such as new themes and free voice calls.
The message contains a link to download the “latest secret update” for WhatsApp Gold, which actually leads to malicious software being installed on the victim’s device.
This malware could do anything from steal your information to spy on your messages and communications.
Avoiding scams like this is easy if you follow best practices and never click on unknown links or download unverified software onto your device.
Phishing with vouchers
This is similar to the WhatsApp Gold scam, but these messages are usually sent from a number impersonating a fake contact.
The message generally states that users have won a free voucher for a local supermarket in return for them filling in a short survey.
However, the link contained in this message goes to a fake website which impersonates the supermarket’s web page.
Once users have entered their details into this website, their information has been compromised and is fed straight to the scammers.
WhatsApp is not the only platform where this scam takes place, as this is one of the most widespread and organised types of scams operating around the world.
Malicious spy apps
During your online browsing or within a WhatsApp message, you may find a link to download a WhatsApp “spy app”.
These applications claim to be able to see what your contacts are saying to each other, along with giving you the ability to intercept their pictures, voice messages, and images.
Of course there is no way to intercept WhatsApp messages in this way as all conversations are end-to-end encrypted.
Instead, these applications usually either install malware on the victim’s device or sign them up to subscription content services which charge exorbitant fees.
It is also important to realise that the Google Play Store is not infallible and can contain many malware-infested “WhatsApp Spy” apps.