A WARNING HAS been issued about a new phishing attack that tricks people into downloading malware onto their computers from an email purporting to be from WhatsApp.
Cyber security researchers at Comodo Labs identified the malware attack which involves cybercriminals sending fake emails representing the information as official WhatsApp content.
The emails are being sent from a rogue email address, disguised with an umbrella branding “WhatsApp,” but if users look at the actual ‘from’ email address, they will see it is not from the company.
In order to spread the rogue malware and infect computers, the cybercriminals are using multiple subject lines, all with a set of random characters or letters at the end:
- You have obtained a voice notification xgod
- An audio memo was missed. Ydkpda
- A brief audio recording has been delivered! Jsvk
- A short vocal recording was obtained npulf
- A sound announcement has been received sqdw
- You have a video announcement. Eom
- A brief video note got delivered. Atjvqw
- You’ve recently got a vocal message. Yop
The attachment contains a compressed file which holds the malware. This type of malware usually replicates itself into different system folders, according to Comodo.
Anyone who receives an email like this is advised not to open it and definitely do not download any attachments.