Security experts are warning against a cyber attack that could result in access to victims’ personal files.
WhatsApp users have been warned not to open e-mails purporting to be from the mobile messaging app that could trigger a virus giving access to users’ personal data.
Researchers at Comodo Antispam Labs (CASL) have identified a new malware attack targeted specifically at businesses and consumers who might use WhatsApp that uses e-mails to spread malware when the “message” is clicked on.
The e-mails, which appear in a similar format to the picture below, have been cleverly branded to make it seem as if they have been sent by WhatsApp.
As is evident in the sender’s address line, they bear no association with a messaging app that is used by millions of people worldwide.
Pic via Comodo.com
The cybercriminals behind the attack have been sending mails using a variety of different subject lines such as those listed below, all of which are followed by a code made up of random characters, which is most likely used to encode data to identify recipients.
- You have obtained a voice notification xgod
- An audio memo was missed. Ydkpda
- A brief audio recording has been delivered! Jsvk
- A short vocal recording was obtained npulf
- A sound announcement has been received sqdw
- You have a video announcement. Eom
- A brief video note got delivered. Atjvqw
- You’ve recently got a vocal message. Yop
The attachment contains a compressed (zip) file, in which a malware executable resides and once the zip file is opened and executed, the malware is released onto computers.
“Cybercriminals are becoming more and more like marketers – trying to use creative subject lines to have unsuspecting emails be clicked and opened to spread malware,” said Fatih Orhan, Director of Technology for Comodo and the Comodo Antispam Labs.
“As a company, Comodo is working diligently in creating innovative technology solutions that stay a step ahead of the cybercriminals, protect and secure endpoints, and keep enterprises and IT environments safe.”
You’ve been warned folks.
