There’s a new malware scam doing the rounds that uses WhatsApp branding to fool people into downloading malicious software onto their PCs.
The scam was identified by Comodo Antispam Labs when users began receiving emails notifying them that they have received an audio message through the WhatsApp service.
Some of the subject lines that Comodo Antispam Labs have discovered include, “You have obtained a voice notification xgod” and “You have a video announcement. Eom”, with the scramble of letters at the end being one of the signs that this is not an official email from WhatsApp.
The email contains a .ZIP file that, when clicked, extracts and installs malware from the Nivdort family onto a user’s PC without their knowledge.
Nivdort gives an attacker full control of your PC; data gathered can be sent to the attacker and additional malicious software can be installed if they choose to.
Thankfully the malware can be removed using Microsoft Security Essentials, Windows Defender or any other anti-virus and anti-malware tool.
Of course, prevention is better than cure, and users should remember that voice notes, photos and videos relating to WhatsApp will only be delivered through the platform; any email that asks you to download something and does not come directly from WhatsApp should be deleted immediately.
Using social engineering to spread viruses and malware is nothing new, but cyber criminals are getting better at it according Comodo, which likens them to marketers as their techniques are becoming more refined.
We will take this opportunity to remind our readers to be careful of emails that look suspicious. If in any doubt at all over anything in your Inbox, ask somebody, you could save yourself a headache, your PC and possibly more.[Source – Comodo Antispam Labs]