WhatsApp phishing is becoming a bigger problem in the world. This type of phishing is different from the advanced one, but does this type of phishing works and how can you avoid becoming a victim? Sanne Maasakkers, Cyber Security Expert at Fox-IT, explained this type of phishing and in an episode of 5 Uur live.
WhatsApp phishing are a bit like advanced phishing. With advanced phishing a cybercriminal searches for information about his victim and distribute an e-mail containing specific information about the victim, which makes it look like a reliable source. With WhatsApp phishing something similar happens.
Cybercriminals carefully target their victims. They find them online on websites with their full names and phone numbers, for example e-commerce marketplaces. When the criminal has found his target, the research into the victims loved ones, like friends and family, starts. Then the phishing pretends to be a relative or friend of the victim and tells the victim that he has a new phone number. In this way the criminal tries to export money of his victim by using an excuse.
Criminals use prepaid phones and bank accounts that are not registered in their name. This makes it hard for the police to track down these criminals. In 2018 the damage done through WhatsApp phishing was 260.000 euros. In 2019 that number is already 335.000 euros.
How can you avoid becoming a victim?
- Make sure that your full name and phone number cannot be found online. Use an alias instead of your real name. This reduces the chance of becoming a victim.
- Foreclose your friends for people who are not your friends on social media. That makes it harder for cybercriminals to figure out who your family and friends are and pretending to be one of them.
- When you receive a WhatsApp message with a request for payment, verify this message! Ask this person to send you a voice memo, ask for confirmation via another messaging service or call the “old number” which you already have.