Fake WhatsApp billing emails steal victims’ credit card details
1 December 2016 |
Cyber criminals are targeting users of the WhatsApp messaging service in a new phishing email campaign, researchers have warned.
Security experts from Malwarebytes said scammers are sending messages claiming that users' services have been suspended because of an unpaid bill.
They are asked to click a link, which appears to go to WhatsApp.com but actually leads elsewhere, to update their payment details and regain access.
However, they are sent to a fake payment page that collects their personal information and card details and sends them to the cyber criminals behind the scam.
Once the phishing site has captured victims' information it sends them to the legitimate WhatsApp site, making it more difficult to detect that something is amiss.
"Since the beginning of 2016, WhatsApp has stopped charging its users for subscription fees," Malwarebytes malware intelligence analyst Jovi Umawing wrote in a blog post.
"So if ever you receive an email that may appear similar to what we have featured above, best to simply delete it from your inbox."
She also warned that scammers may use fake invitations to trial features like video calling or videos they can watch while they download to lure users in.
This is just the latest phishing scam to target consumers and businesses.
Last week, Amazon customers were warned about a new malicious email campaign that tried to take advantage of the busy Christmas shopping season to trick users.
The warning came after it was revealed that online scams cost Christmas shoppers more than £10 million last year as they sought deals on their festive purchases.
Meanwhile, almost a third of shoppers said they would risk fraud for a Christmas bargain, thereby giving cyber criminals an opportunity to take advantage.
And even once the presents are opened on Christmas Day, research has shown that only 42 per cent of consumers take the proper security measures to protect their new gadgets.
For more on the WhatsApp scam, see the Malwarebytes blog.