Please Note This forum exists for community support for the Mango product family and the Radix IoT Platform. Although Radix IoT employees participate in this forum from time to time, there is no guarantee of a response to anything posted here, nor can Radix IoT, LLC guarantee the accuracy of any information expressed or conveyed. Specific project questions from customers with active support contracts are asked to send requests to support@radixiot.com.
How a WhatsApp Scam Led to $625K in Losses
-
A new scam targeting users via WhatsApp has resulted in significant financial losses, with over 80 victims reporting a combined total of $625,000 in damages since December. The scam involves phishing links sent through WhatsApp, which lead to the installation of malware on victims' phones. This type of scam, which is often linked to fraudulent travel or cleaning service ads on social media platforms, is gaining traction and has already caused widespread concern.
The Path to the Scam
The scammers behind these attacks have become increasingly creative in how they lure victims. The process typically begins with fraudulent advertisements on popular social media platforms such as Facebook and TikTok. These ads promise deals related to travel, cleaning services, or other enticing offers, prompting users to share their contact details to claim the offer.Once the scammers receive the victim's contact information, they initiate a conversation via WhatsApp, asking for a small payment—usually about $5—as a "membership fee" or an "upfront deposit" for the promised service. This is where the phishing element begins. Victims are asked to make the payment via a link provided in the WhatsApp message, which directs them to a fraudulent website designed to steal their payment information.
How Malware Enters the Picture
After the initial payment request, the scammers introduce another layer to the scam. Victims who encounter issues with payment are instructed to download a malicious APK file (Android Package Kit) through WhatsApp. The scammers claim that the app will resolve the payment problems, but in reality, it installs malware on the victim's device.The malware grants the scammers access to sensitive information, including SMS one-time passwords (OTPs) that are often used for online banking or two-factor authentication. With this data, the scammers are able to perform unauthorized transactions, either directly from the victim's phone or using the stolen credentials on their own devices.
To make matters worse, in some instances, scammers have convinced victims to disable Google Play Protect, an important security feature on Android devices that helps prevent harmful downloads. With this feature turned off, the malware can be installed without triggering any warnings from the device’s security system, making it even harder for users to detect the threat.
Protecting Yourself from Scams
The Singapore Police Force has warned the public about these phishing scams and offered a set of guidelines to help protect against future attacks. The advice is encapsulated in the acronym "ACT"—Add, Check, and Tell.Some players who do not have an account can choose to Buy Cheap WhatsApp Account on U2XU, which is a professional and secure online trading website. In addition to various game items, accounts and services, you can also find discount Cheap WhatsApp Account here. Every transaction here is certified, so you can buy with confidence!
As phishing scams continue to evolve, it’s essential to remain vigilant and cautious when interacting with unsolicited messages or offers online. By following these guidelines and practicing good security habits, you can minimize the risk of falling victim to such scams and protect your personal information.