How cute are these hackers. They write to us “I miss you a lot, how are you?”. Really big softies. Well, if you have received such messages on WhatsApp from unknown numbers, perhaps accompanied by an image, then you could be at the center of a scam attempt.
Cybersecurity experts have in fact detected a significant increased malicious activity through Meta’s popular messaging app. But how exactly does it work? Who does it hit? How to protect yourself? Let’s try to understand each other more.
How the “I miss you” scam works on WhatsApp
The scam is not particularly elaborate but, as often happens, it is precisely its simplicity that allows it to reap more victims. Basically, the victim receives a WhatsApp message from an unknown number (usually overseas). In the message there is generally an image with the following writing:
“Hi, I haven’t contacted you for a long time. I don’t know if you still remember me, so I sent you a picture of me. I miss you so much. How are you? I switched to a new Whatsapp account and would like you to add my new Whatsapp account. We can connect better here.”
As you may have guessed, it is precisely in the “we can connect better here” that the scam lies. Moved by curiosity, the unsuspecting victim who clicks on the link is redirected to a malicious site. This gives cybercriminals access to virtually all data stored in the victim’s account.
The scam would seem to particularly affect accounts connected by WhatsApp Webthe desktop and browser version of the popular mobile app.
How to protect yourself
The answer to this question may be trivial: do not click on the link. Similar to email phishing attacks, cybercriminals tend to disguise their identities by posing as someone they are not. Much of the scam relies on the victim’s curiosity to understand who that mysterious person from our past is who is trying to get in touch with us. Curb this human thirst for knowledge immediately and be rational.
More generally, the advice is to never click on messages from strangers (or generally suspicious) which bear the wording “click here”. The effect could also be cascading: the malware could infect your mobile phone and send the message to your contacts. So, even if you receive a suspicious message from a friend telling you “I changed my number, click here to stay in touch”, don’t fall into the trap.
The great weakness of WhatsApp, paradoxically, is its security system. End-to-end encryption, which preserves the privacy of conversations, prevents Meta engineers from tracing the source of who sends you messages. However, being automated, these presumably come from foreign bots. As always, for any operation on the web, the advice is always and only one: caution.
Leave a Reply
View Comments