How many times do you think you can win a lottery? Few, right? Well, judging by the number of times that messages of this type reach us, it would seem that we are lucky. This is how they try to scam us through social networks, a habitat in which more and more scammers move.
WhatsApp is one of the means most used by cybercriminals to spread their viruses and prepare their scams. It is because almost no one asks when opening a file sent by someone they trust if it is potentially dangerous, but they can be. A few years ago it was discovered that downloading a simple gif in the application received by WhatsApp installed a virus on the phone that stole personal information from the owner of the phone, and not so long ago the alert was raised when it became known that a simple call could be used to install ‘spyware’, which informed the cyber criminals of all the activities of the owner of the terminal.
In March, a chain of WhatsApp messages was detected saying that a sportswear manufacturing company was giving away one million pairs of shoes. It worked like this: a link would appear that led to a website where you had to open three boxes, and when you opened the third, you ‘touched’ the prize. To achieve this, you had to share the message in the ‘app’, they would redirect you to a website to participate in more games, fill out surveys and qualify for more prizes. People even asked for money “to cover shipping costs.” To receive the gifts, the victim was instructed to fill out a form with their personal and bank details. And after this step was completed, the next thing the user saw was an error message.
This type of deception is common in the case of vouchers to buy in supermarkets or stores, promises to get free internet, or threats that the ‘app’ will no longer be free.
And the pandemic has only intensified the scams. In fact, in January a chain of messages was detected that indicated that the Government was granting aid for the economic damage caused by covid-19 but, once again, it was a decoy that led to a page that asked for personal data. On other occasions, these fraudulent messages simply encourage people to respond to surveys related to the health crisis, but in the meantime, they are collecting data.
To avoid fraud by WhatsApp, the Internet Security Office recommends:
Do not click on links that contain chain messages. You could download ‘malware’ onto your device or be redirected to fraudulent websites.
Do not forward this type of message without checking the information in official sources.
In case of doubt, consult directly with the company involved or with trusted third parties.
Facebook is a good breeding ground for all kinds of fraud, from the most classic ones based on sweepstakes and discount coupons that lead to a link in which you have to provide personal or bank details to ads with very cheap items, so much so that it is suspicious … That’s right. If, in any case, we decide to look at that offer, before indicating a payment method, check if the page address begins with ‘https’ and the padlock is green, which indicates that it is a secure payment gateway and if on the page there is real contact with telephone and address.
Facebook is also the showcase for advertisements that encourage the installation of an application in which malicious code is hidden, also intended to steal user data.
There are even more crude but effective methods aimed at scamming people with financial problems: very cheap loans are offered for which an advance is requested in advance. I weighed As suspicious as it is seen, some fall into the trap. This is an example of the classic scam transferred to the networks. But there is more: profiles, usually female, are created to contact men in search of a love relationship. Once the person has been seduced, his supposed virtual lover asks him for money to buy the ticket and travel to meet, because the scammer claims to need it urgently for health reasons or can also blackmail the victim by asking for money after having convinced him that send you erotic pictures. In February of this year, the technological crimes team of the Civil Guard carried out ‘Operation Farmamor’, in which they arrested a woman and two men in the Valencian town of Liria for alleged crimes of bank fraud and money laundering for the value of 72.
One way to get around this scam is to do a reverse image search on Google. To do this, you have to go to the top of the search engine screen and click on ‘images’, then drag the profile image of the suspect to the search box, and if the search returns enough results in which it appears photography is probably a fraud.
Here the most common scams are romance scams, those related to the lottery in which you have to pay an amount in advance to collect (similar to WhatsApp), false investments, loans that also ask for money in advance, and false advertisements of work destined to collect data.
In February of this year, a wave of account spoofing was detected on Instagram. The criminals created a profile with a name and image very similar to the account they were going to use as bait – without its owner knowing – and even copied some of their latest posts. Then, either they asked followers of the legitimate account for friendship and sent them a message telling them that they had won a raffle and to enter a website or they asked followers of the legitimate account for friendship and in the direct message, there was information and a link to an account OnlyFans illegitimate encouragement to become a subscriber in that payment network. This is what to do in case of detecting identity theft in a social account:
Block the account that is impersonating the identity so that it cannot see who our followers are and contact them – by entering the profile, pressing the three vertical points in the upper right corner, and choosing ‘block’.
Report the account that is impersonating. How to do this is indicated in the Instagram help section, under the heading ‘Impersonation of accounts’.
Warn contacts.
Document spoofing with screenshots and screenshots of the messages.
Make the profile private until the situation is resolved.
