Tag Archives: Mobile Security

Panda Security

The Worst WhatsApp Scams of 2016

Leave a comment

List of the worst WhatsApp scams for the year.

With 2016 coming to an end we wanted to put together a list of the worst WhatsApp scams for the year. As you may remember WhatsApp was acquired by Facebook back in 2014. The promising app which has been making a name for itself in recent years just got its 1 billionth customer. A quick Google search and we find out that there are nearly 2 billion smartphones in the world. With this in mind, we can easily conclude that every 2nd smartphone user in the world has WhatsApp installed on their cell phone.

This automatically gives cyber trouble makers an opportunity of having one more source they could use for tricking you into giving away personal information such as credit card details, social security number or bank details.

Here’s what you need to know to stay out of danger and not fall victim of WhatsApp scams.

Getting you to download an app

Getting a message from an unknown number that allows you a sneak peek into your friends’ WhatsApp conversations. The message may sound something like ‘All WhatsApp messages are now encrypted but this app beats the code. Find out what your best friend and your girlfriend are talking about.’

It may sound hilarious and easy to catch but you would be surprised by the number of people without antivirus protection who fall for this trick.

The Nigerian lawyer

Have you heard of the Nigerian inheritance scam? It is still out there and even in 2016 you may end up laundering money without even knowing it. People who fall for it very often give away their bank details too. It may sound very 2014 but this scam is still going on in 2016.

These guys have now migrated to sending their messages on WhatsApp. And they still send them because people still fall for it. It may be 1 in a hundred that does, or even 1 in a 1000 but people still do. Common sense and antivirus protection would save you from getting scammed.

Craigslist

Without going into details, every seller on Craigslist wishing that you communicate only via WhatsApp is a person not worth doing business with. No, you will not get that cute little labradoodle puppy if you use an archaic money transfer service to send cash to a third world country while communicating solely over WhatsApp.

The Lady from Thailand

The lady claiming to be from Thailand or the Philippines you’ve been chatting with since last month is now asking you to buy and send her the latest iPhone 7. Even though this may sound legit you can’t be sure of who she really is. Drop the chat and report it. Remember that if it is too good to be true, it most likely isn’t. Don’t be cyber prey.

The 60% off

It may be a voucher or just an invitation to fill out a survey that promises you a gift card. It sounds legit as it promises you a little prize at the end of the survey. You directly get a message that qualifies you for a huge discount on remarkably expensive watches or sunglasses.

In both cases the link forwards you to a website where you give away your name, home address, password and possibly credit card number and SSN. All you get in return are $0.20 or $0.14 transactions on your credit card statement followed by huge losses if these phishing transactions don’t get detected by your bank’s fraud department.
You may get a message about you having a voicemail, a message inviting you to download a premium app, an invitation to join a dating site with millions of single people. A website that is so secure that you are required to add your credit details to obtain membership. Just leave these scammers in 2016.

We hope you didn’t fall for any of these scams this year or simply had protection on your device to keep you away from the cyber criminals. Have a wicked 2017!

The post The Worst WhatsApp Scams of 2016 appeared first on Panda Security Mediacenter.

Panda Security

Your Tinder Account could be hacked.

Leave a comment

Security researchers have discovered that two of the world’s most popular mobile dating apps can be hacked, exposing sensitive user data in the process. The team from the University of South Australia ran a series of tests, proving that a number of personal details could be extracted from the apps relatively easily.

Capturing network traffic reveals all

The two apps in question, Tinder and Grindr, claim to keep personal details private until users select a match, someone they want to make.

The two apps in question, Tinder and Grindr, claim to keep personal details private until users select a match, someone they want to make contact with. It is only at this point email addresses or usernames are shared, allowing people to connect directly.

The team of experts found that a determined hacker could capture information as it passed between the user’s phone and the Internet. Flaws in the apps themselves could also be exploited to reveal even more information directly on the Android smartphone.

Using the same techniques demonstrated by the university team on the Tinder app, hackers are able to recover all the profile images viewed by the user, along with details of each “match”. Further probing reveals the user’s unique Facebook token – a string of numbers and letters that could be used to personally identify the app user.

Security tests suggest that Grindr is even less secure. Among the information recovered were the details of profiles the user had viewed, along with their own email address. Even more worrying was the discovery that messages from private chats could also be accessed by hackers.

Why does it matter?

Romantic relationships are built on trust by sharing private thoughts and feelings with another person. We make ourselves vulnerable by discussing things we wouldn’t share anywhere else.

This kind of deeply personal information is extremely attractive to hackers who can use it to blackmail the user, or to build a personal profile for advanced social engineering attacks. The secrets revealed in private conversations can often be used to guess passwords, or “trick” people into handing over valuable information like bank account numbers.

How to protect Tinder against hacking

Tinder and Grindr were both criticized by the University of South Australia for failing to properly protect users’ data. In the conclusion of their report, users were urged to be extra careful about the apps they install on their Android phones.

Ultimately the responsibility for these problems lie with the app developers who need to improve their security provisions. In the meantime, Android users can enhance their own protection using Panda Mobile Security to prevent personal data from being accessed without permission – as was the case here.

Panda Mobile Security prevents malicious apps from stealing data, and can be configured to limit data sharing between legitimate apps, helping to keep your sensitive personal information away from hackers. Which means you can focus on finding love without someone accessing your private chats.

The post Your Tinder Account could be hacked. appeared first on Panda Security Mediacenter.

Avast

Popular call blocking apps expose 3 billion users' phone numbers

Leave a comment
FW-APPS-PRIVACY.jpgPhoto: FactWire

Truecaller, CM Security, and Sync.ME, three popular caller blocking and ID apps used by millions of customers, have just been outed for storing the contact details of three billion people in publicly searchable databases. According to Digital Journal, research published earlier this week by Factwire, a group of investigative journalists in Hong Kong, said that the mobile phone numbers of politicians, celebrities, and billions of other people, can be found via searches on the app publisher’s websites.