Cybercriminalsare Sending Phony Emails to WhatsApp Users Watch Out!

Comodo Antispam Labs (CASL), a cybersecurity firm, has identified malware that targets instant messaging app WhatsApp.

In a blog post, the firm revealed deceptive emails camouflaged as official emails from WhatsApp are being sent to the users by cybercriminals. The emails come attached with a malicious malware. The false campaign aims to spread the malicious file when a user clicks on the message contained in the fake email. The phony WhatsApp emails come from scoundrel invaders’ email addresses.Upon keen scrutiny of the email addresses, you will find out that indeed the emails are not officially from WhatsApp.

The Facebook-owned messaging platform has been experiencing security glitches in the recent past. On New Year’s Eve, it was hit by a bug where users could not send or receive messages. Then a few daysago, a hacker came up with a way to crush the app, sending amessage with over 6000 emojis.

The malware is of Nivdort family

Comodo Labs suggests the virus must be of Nivdort family having studied how it behaves. The rogue emails contain attachments of either a ZIP or a compressed file. The attachment has a malwarefile that executes upon clicking. When a user clicks on the file, the malware spreads in different computer system folders and adds itself into an auto-run in system’s registry.

Attackers use a range of subject lines

The hackers are using several subject lines to capture the attention of WhatsApp users and infect as many computers as possible.The bogus emails also contain a set of random commands including sqdw, jsvk, and xgod among others. These random letters are allegedly used to identify whoever receives the email hence encode data. Therefore, WhatsApp users are warned against clicking on emails containing the topic lines informing them of either of these things: obtained voice notification; a missed audio memo; delivered brief audio recording; obtained short voice recording; a received sound announcement; delivered video note; received thevocal message, among others.

Hackers use appealing subject lines like marketers

The director of technology for Comodo and CASL, Fatih Orphan, sayscybercriminals just like marketers aim to catch the attention of their victims by using attractive subject lines to tempt them to click on the phony emails, consequently executing the malware without their consent.

The director says Comodo is working industriously to come up with innovative and competitive technology solutions to stay ahead of hackers, protect endpoints, and ensure security in firms and IT environs. The enterprise security team is currently analyzing the URL of the scoundrel emails. However, the criminal(s) behind the fraud has not been identified.

The company prevented Apple users from handing their personal details to hackers in October last year. The cybercriminals designed a fiddle to trick Apple users into sending them their private information, but Comodo stepped in time to warn the users. Just like the WhatsApp attackers, they also sent emails to victims. The deceptive email promises victims repayment for a costly app they never bought. It further requests them their credit card details to terminate the pretentious deal.