Sunday, September 20, 2020

UK WhatsApp users warned of latest in-the-wild scam

Users of WhatsApp, that popular texting service application for mobile devices, are warned of a new scam making rounds that may have started late last week. Below is a sample of what users are receiving:

@sainsburys got this on whatsapp, is it a scam? Too good to be true

— Jackie (@nelsonjackie48) October 22, 2016

Hey, have you heard about this? URL redacted Sainsburys its giving away £100
gift cards. They are expanding their store network and they launched this promotion.
Grab a gift card while it lasts. I got mine already.

The official Sainsbury’s Twitter account has already denied the legitimacy of the message and rightfully advised the user to simply delete or ignore the message without replying.

However, some users may find themselves ignoring their best judgments and clicking the URL anyway.

As of this writing, two scammy URLs have been circulated, which are as follows:

  • www[DOT]sainsburys[DOT]com-giftcard4u[DOT]com

  • www[DOT]sainsburys[DOT]com-ukgiftcards[DOT]com

Several reports say that once users click on either of these links, they are then tricked into giving away their personal information.

Thankfully, the above URLs are already taken down as of this writing. However, it’s possible that a similar campaign may still be ongoing but with scammers using a different URL. If so, it would be wise to heed Sainsbury’s advice and report such messages to the company. Furthermore, tell your WhatsApp contacts about the circulating scam so they are also in the know. This way, we lessen the number of users clicking links and getting their information stolen.

Speaking of questionable URLs, our Web Protection Team has provided us a list of URLs you may also want to avoid visiting and include them in your blacklist instead. Note that most of these provide actual download files of the WhatsApp app, but ask for user information in return:

  • 2016-whatsapp[DOT]win

  • fast-internets[DOT]com

  • getwhatsap[DOT]xyz

  • us[DOT]number-look[DOT]com

  • whats-app[DOT]website

  • whatsapp[DOT]so

  • whatsappactivation[DOT]com

  • whatsapplight[DOT]com

  • wifi-speed[DOT]com

Below are sample screenshots we captured of some of the sites:

Click to view slideshow.

Users of Malwarebytes, however, are already protected from these sites as we already block them.

Other related post(s):

  • WhatsApp Elegant Gold Hits the Digital Catwalk

  • Don’t Get Stuck on WhatsApp Stickers…

  • Scams, PUPs Target Would-be WhatsApp Voice Users

  • WhatsApp Hack Promises Messages, Delivers PUPs

  • WhatsApp Spam Campaign Leads to Malware

Malwarebytes Labs (Thanks to Dashke)

Click here for best antivirus and antispyware software

Powered by WPeMatico

Drone-maker DJI's Go app contains naughty Javascript hot-patching framework

Drone-maker DJI's Go app contains naughty Javascript hot-patching framework

Apple has already smited JSPatch once this year

By Gareth Corfield 15 Aug 2017


Chinese drone firm DJI appears to have baked a hot-patching framework into its Go app that breaks Apple's App Store terms and conditions, according to drone hacker sources.


The patching framework in question, JSPatch, appears to be baked into the iOS version of Go. Earlier this year Apple ejected a handful of JSPatch-using apps from the App Store.


Full Article.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico