Hackers and voicemail phishing

Hackers continue to innovate when stealing personal information, so WhatsApp users should be on guard for suspicious emails. A report from email security company Armorblox claims that a group of hackers based in Russia are using email spoofing and fake voice message notifications to steal personal information from the app's users.

?

Phishing attempts and how they happen?

?

WhatsApp users receive a fake email stating that they have a voice message through an email address with a .ru domain. Often, these phishing messages are accompanied by a lousy URL that directs the user to a page where, when the play button for the fake voicemail is clicked, the user is asked if they are robots.

?

Information like passwords and payment information can be accessed and stolen by the Infostealer malware once installed on the victim's computer.

?

Phishing scams: how to avoid them?

?

Armorblox offers users three additional methods to thwart phishing attacks such as these:

?

1. Enhancing native email security with other controls

2. Monitoring social engineering cues

3. Password management best practices and multi-factor authentication

?

Verifying the email domain and address of the sender can also prove valuable, as the WhatsApp example has demonstrated. Even if the email appears to be coming from a legitimate source, such as WhatsApp, looking for inconsistencies might help you avoid scams.

?

Last but not least, McQuiggan notes that a healthy dose of skepticism on the part of users can go a long way toward preventing attacks such as these. Verifying the source of an email can prevent potential victims from potentially having their sensitive information stolen.

?

It is also recommended to use multi-factor authentication on both business and personal accounts and has different passwords for each website to prevent multiple accounts from becoming compromised.