It is not new that computer crime is committed through WhatsApp. However, this is a type of crime that continues despite various campaigns around the world to raise awareness of the dangers encountered in the messaging platform.

Cybercriminals often resort to social engineering to attract the attention of users, forcing them to believe that the information they send is true, when in fact it is not, and the sole purpose is to steal people’s personal data.

According to cybersecurity company ESET, these are the most common types of threats on WhatsApp

1. Brand discounts and bonuses: This is one of the most used forms of cyber attack on WhatsApp, known even to the users themselves. It consists of a criminal sending information to a person on behalf of an official company that offers discounts and bonuses for brand anniversaries and holidays. It turns out that to access the potential bonuses you have to enter the link sent along with the notification message, which turns out to be a survey where the victim’s personal data is requested, then indicated to make the bonus effective, you have to share the original message with other users and chat groups.

In addition to detecting malicious ads on the device, this scam manages to steal information from WhatsApp users that could later be used to defraud their contacts.

2. State social assistance: This is similar to the previous one, a message is sent to a person that is likely to come from a government or fund informing them that they have benefited from a subsidy program that fits their profile.

For social assistance to be effective, a form must be completed for cybercriminals to steal personal data such as name, date of birth, document number, date of issue and other information that will be sold to allow other offenders to commit fraud and identity theft.

In addition to the above, ESET reports that this deception can be used to display invasive advertisements on mobile phones through programs that are silently downloaded when filling out an alleged form.

3. Old friends living abroad: This type of crime not only happens on WhatsApp but is also very common on social networks. The message comes from an apparent acquaintance who is from the country but will be back soon and needs help with luggage or immigration because he was unable to board the plane; In this way they manage to steal money from people.

In this type of fraud, the messages are not as personalized as in other cases, but rather the perpetrators are looking for those who will fall into their trap. This is a real conversation shared by ESET:

+ Hello, how are you? Hello far. I send you a big hug.

+ Can you imagine who writes from Spain no?

“Didn’t you tell me you were Mirea?”

+ Of course, how are they there?

4. Apps for spying on someone else’s WhatsApp: According to ESET, there seems to be a lot of interest from Internet users to hack into other WhatsApp accounts, one of the biggest trends in Google search is “WhatsApp spying”.

However, people who try to find out what WhatsApp is hiding from their partners, family members or friends will eventually download apps, extensions or tools which, although they promise to track third party accounts, they are infecting cell phones with malware. Also known as viruses.

5. Error code messages: When downloading the WhatsApp application to a new device, it is necessary to register an account with a phone number, to which a confirmation code will be sent later, which you must enter in the messaging platform. So far everything is going well because that is what usually needs to be done.

A crime occurs when a potential victim receives a message from a stranger that he or she has accidentally entered his or her phone number into a registry. So the person you want to attack has to get a code that the attacker will ask you to return.

If a person acting in good faith sends the code to a potentially misunderstood person, he or she will lose control of his or her account unless he or she has two-step authentication enabled.

What habits should be introduced to prevent cyber attacks

Camilo Gutierrez Amaya, Head of ESET Latin America Research Laboratory, offers the following recommendations to prevent data and WhatsApp account hijacking.

– Do not enter links that are sent to unknown numbers on WhatsApp.

– Do not fill out forms that are also sent to the messaging platform with personal data.

– Activate the two-step authentication mechanism in WhatsApp, using the authentication application and not by SMS.

– Have a cyber security application or software that can identify potential threats.

Continue reading: