Today is one of the biggest shopping days of the year and fraudsters are out in force trying to dupe as many people as they can into falling for their dodgy phishing scams.
There has been a host of scams in circulation this week but one of the most widely reported has been a phishing scam targeting WhatsApp users.
A large number of users on the platform have reported receiving a message offering them huge discounts with online retailer Amazon.
The message claims to provide up to 99% off selected products and invites users to ‘shop now’ by clicking on an accompanying link.
Upon clicking the link, users believe they are going straight through to the Amazon website but are in fact redirected through to a cloned website imitating the retail giant.
The site is full of incredibly low offers and when the user clicks on an offer, they are asked to enter their personal information including, name, address and email address.
To ensure the scam reaches as wide an audience as possible, users are then asked to forward the message onto ten friends upon placing their order.
With 1.5 billion active users, WhatsApp is the world’s largest messaging app and it’s increasingly being used by criminals to launch mass phishing scams. Within the last year, there has been a massive 170% increase in messenger app phishing as crooks take advantage of mobile to launch targeted attacks.
Mobile has opened up a whole new market to these fraudsters and the platform is proving to be even more successful at conning people than traditional email-based phishing. Unlike desktops, the mobile interface conceals a lot of red flags that would highlight a potential phishing attack.
On desktops, users can check the validity of a web address by hovering their mouse over a link to see if it’s legitimate. On a mobile, this option is not available making it much more difficult to detect if a link is malicious or not. Users also tend to be more trusting and less suspicious of links included in messenger apps than they would be in email.
To reduce your chance of falling for a phishing attack on mobile, there are a number of steps you should follow:
- Never click on links or download attachments from unknown sources
- Ignore and delete messages with poor grammar and spelling
- Be wary of offers that seem to good to be true. Criminals will use these offers as bait to get you to click on a malicious link.
- Only download apps from recognised and trusted app stores
- Only use safe browsers with security features installed, (ex: chrome mobile). This will offer added protection by eliminating malware and phishing sites.
- Consider using anti-virus software on your mobile to reduce the chance of malicious activity.
Despite the increasing sophistication of phishing attacks there are a number of ways you can protect yourself online. MetaPhish has been specifically designed to protect businesses from phishing and ransomware attacks and provides the first line of defence in combating cyber-crime. Get in touch for further information on how we can help protect your business.