Scam of the Week: It’s Not a WhatsApp Voice Mail!


You probably know that the Eastern European cyber mafia does their beta testing in the U.K., before they “export” their criminal campaigns to America. Here is a heads-up of a social engineering phish that was spotted in Ireland, and that your users may receive in their inbox in the near future. Warn them ahead of time!

ESET Ireland warned: “A dangerous email spam message is dropping into Irish mailboxes, pretending to come from WhatsApp. Its subject says “Missed voicemail” and the content of the mail just says “New voicemessage” and has a link called “Play”.

Clicking on the link will begin the download of a trojan that ESET detects as “JS/Kryptik.BBC”, a variant of malware first detected in August 2016. JS/Kryptik is a generic detection of malicious obfuscated JavaScript code embedded in HTML pages that usually redirects the browser to a malicious URL or implements a specific exploit and can cause ransomware and other malware infections.”

Here is a general safety rule: Instead of clicking a link in an unverified email claiming it’s from WhatsApp (or any other social media) log in to your WhatsApp account the standard way instead and check for any messages there. Remember: “When in doubt, throw it out!”

Advertisements

About Kevin

Mayor - City of Oakley, Data Center Manager of Mainframe Operations and Optimization – USS-POSCO INDUSTRIES, Co-Founder and Board Member - Friends of Oakley A Community Foundation, Advisory Board – Opportunity Junction, Commissioner - Contra Costa Transportation Authority, Board Member - Tri Delta Transit and Transplan
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s