Tag Archives: WhatsApp

WhatsApp for Android: Always download it from Google Play!

By becoming popular, they turn into a real danger. The more famous an application is, the more likely it will be used by cybercriminals to carry out frauds, which may turn out very expensive for those distracted users.

The perfect example is WhatsApp. Each novelty announced by the instant messaging service is exploited immediately by the thugs on the network to deploy all kinds of social engineering techniques.

Without going any further, WhatsApp voice calls lead on to fraud via email: the victim is notified by email of a pending voice message and in order to for hear it he just needs to click on it. By doing so, it will not play any message, but actually it will download a malicious software on the user’s computer.

To generate this avalanche of fraudulent services, cybercriminals not only take advantage of WhatsApp’s latest features. Sometimes they create totally fake versions with presumed advantages as the possibility of customizing the app’s appearance. The most recent case is the one of the so-called Blue WhatsApp, it promised changing the famous app’s green to blue, although this version hides a poisoned apple: a subscription to a premium service which will increase, quite a bit, the victims’ phone bill.

whatsapp azul

In general, the desire of enjoying new features on an application as common as WhatsApp makes some users to accept these updates even if they do not come from an official supplier.

That is why, the best way of avoiding any kind of fraud from making a hole in our pocket or someone stealing our information stored in our Android is using Google Play (or the App Store in case of having an Apple device) at the time of downloading and update or any other application.

whatsapp google play

In this way, users can sort the Web woven by the crooks on the Internet. Furthermore, not only should be wary of those web pages that provide the so-called WhatsApp download with little credible characteristics: on other occasions, a platform which doesn’t belong to the official app nor to the corresponding applications market, will simply offer users to download WhatsApp as a way of attracting potential new victims.

Without false advantages but just as fraudulent, these downloads will fill your device with malware or subscribe you to an SMS premium service at a great cost. It is the case of a website that distributes a malware designed to steal data and it does it under the official WhatsApp appearance.

whatsapp

The web site does not promise any new features in the instant messaging service. It simply enables the download. When the user installs it and accepts all permissions requested, this false WhatsApp access the information stored on the users’ Android device.

That way, both downloading and updating an application, the safest way to do it is going to the corresponding official site. Even so, users can also find in places like Google Play some fraudulent applications hiding under the appearance of a popular service or that simply requires more permissions than the strictly necessary.

For this reason, before downloading an application for the first time you should read carefully its rating and some comments from other users: if it is a trap that has evaded Google’s Play security, the previous experience of others can serve you as warning.

The post WhatsApp for Android: Always download it from Google Play! appeared first on MediaCenter Panda Security.

EFF Privacy Report 2015: Which Companies Have Your Back?

On Wednesday the EFF published their yearly report called “Who Has Your Back? 2015: Protecting Your Data From Government Requests”. It answers important questions like which companies follow industry-accepted best practices, tell their users about government data demands, disclose policies on data retention or government content removal request, and oppose backdoors.

For the EFF report 24 companies are evaluated and being awarded (or not awarded, depending on the outcome) stars in the five categories mentioned above. Nine companies managed to get stars in all of them: Adobe, Apple, CREDO, Dropbox, Sonic, Wickr, Wikimedia, WordPress.com, and Yahoo.

Facebook and Twitter received four out of five stars, with Facebook “not providing transparency into ways it cooperates with the U.S. government to block content and remove accounts” and Twitter „not providing notice after an emergency has ended or a gag has been lifted”.

The worst rating with only one star went to WhatsApp who at least opposes backdoors but seems lacking in all other privacy regards. The EFF recommends WhatsApp to “publicly require a warrant before turning over user content, publish a law enforcement guide and transparency report, have a stronger policy of informing users of government requests, and disclose its data retention policies.”

Take a look at the full report to find out more.

 

The post EFF Privacy Report 2015: Which Companies Have Your Back? appeared first on Avira Blog.

WhatsApp Trendy Blue, the program which signs you up to a premium rate. Watch out!

One more, there have been so many, we’ve lost track! WhatsApp Trendy Blue is the last hoax to deceive the users of this instant messaging application.

whatsapp trendy blue

WhatsApp Trendy Blue, the new “version” that promises new options to customize the users’ WhatsApp. In fact, it is only subscribing the user to a premium rate service, which it is not exactly cheap.

From Movistar, a Spanish telephone company, they warn that for the program to work, it asks the user to invite at least 10 contacts, who will receive a message recommending them to sign up for this fraudulent website.

So please, don’t fall for these traps, only trust the versions offered by the official stores!

The post WhatsApp Trendy Blue, the program which signs you up to a premium rate. Watch out! appeared first on MediaCenter Panda Security.

The dummies guide to hacking Whatsapp

WhatsApp – the super popular messaging app (800 million users), acquired by Facebook for $20 billion, has done it again… After a bug that exposed restricted profile pictures, data encryption that can be breached in 3 minutes, and the use of IMEI (International Mobile Equipment Identity) as a cryptographic key (it’s like using your Social Security Number as a password), WhatsApp is yet again in the headlines for privacy concerns…

The latest story – hacking Whatsapp. As reported by The Hacker News, anyone can hack your WhatsApp account with just your number and 2 minutes alone with your phone…

This video, posted on YouTube, shows how a hacker answers an authenticating call, intercepts a secret PIN, and uses that to access a WhatsApp account he just created on another phone.

This is not tied to a bug or loophole – it is the way that WhatsApp was built.

Bottom line? Please be very careful whom you lend your phone to, and make sure you don’t leave it lying around. Even locked, a garden-variety hacker can access your WhatsApp account in 2 minutes.

The post The dummies guide to hacking Whatsapp appeared first on Avira Blog.

How to protect your SIM card when it is the key to your WhatsApp

whatsapp app

Finally you have your new smartphone in your hands. Whether it is a Nexus, an iPhone or a BQ we are sure that one of the first things you do is download WhatsApp. You are so focused on setting up the app that you haven’t stopped to think about the implications of your WhatsApp identification being carried out by your SIM card.

In social networks you create a new profile with a user number and a password, but in the instant messaging service par excellence (it already exceeds 700 million users) you identify yourself exclusively with your cell phone number. Once you have connected your number to WhatsApp, the app is associated with the terminal, whether or not the SIM card is inside.

Our phone number is also a way of identifying us in other services we use daily, such as email. Gmail allows you to add a phone number to your account in order to protect it and to ensure that if someone intercepts it or you forget your password you can get it back. Google’s support web page explains that associating your phone number is safer than an alternative email or a security question, because your phone number is something you have physically thanks to your SIM card.

Your phone’s security starts on that card. That’s why security experts recommend taking preventive measures to avoid anyone from spying on your WhatsApp conversations if your SIM card gets duplicated or someone takes it temporarily.

pin cards

How to protect your SIM card when it is the key to your WhatsApp

  • Keep your PIN and PUK code in a safe place: some people have the bad habit of writing them on a piece of paper and putting that paper in their wallets. If you leave your personal belongings unattended for a few minutes, someone might put your SIM in his phone, enter the PIN to which he has had access before and then spy on your conversations indefinitely. If this person is careful to leave everything exactly as it was you will never realize what has happened.
  • Another possibility is that someone clones your SIM and impersonates you. Although in current SIM cards the process is quite difficult, if you are one of those who has cut his card to adapt it to the new terminals there are ways to carry out attacks and clone the information that your card contains.
  • The third method (and most likely) is that a cyber-attacker will keep the information in your card, it is called the ‘SIM Swapping Attack’. The SIM Swap is the process through which a user can transfer a phone number to another company. A cybercriminal can perform a phishing attack or identity theft which will allow him to know the transfer information, keeping all the SIM’s information. This type of attack has been long used for accessing bank accounts: the offender manages to replace your phone number and starts getting all notifications and calls from your bank, including those in which the bank sends you confidential information about your account, for example, to verify a transaction.
  • If you lose your phone or it gets stolen and you have a WhatsApp account associated, we recommend you to associate your number to another telephone as soon as possible so that if the stolen terminal asks for a verification test the offender cannot complete it. To prevent anyone from reading your conversations if the phone falls into their hands, you can deactivate your account here. You will only have to send an email to the support team that will deactivate the account for a period of 30 days, after which you can decide whether to reactivate it or eliminate it altogether. Of course, it may take several days for WhatsApp to process your request and disable your user account, a time during which your account will be unprotected.

So, now you know that your SIM card can be a potential source of interest for real and virtual criminals, that’s why is not enough to keep making sure your phone is in your pocket: you also have to start making sure that the card inside is as secure as possible.

The post How to protect your SIM card when it is the key to your WhatsApp appeared first on MediaCenter Panda Security.

Virus in the name of WhatsApp! Now via email!

whatsapp for pc

Profits are not the only thing brought by the voice calls in WhatsApp. We are sure that some of you are also worried about this.

According to RedesZone, this new service has reactivated, and made more believable, an old scam. Do you want to know how does it work? We will tell you! If you wonder how it works, keep reading…

  • You receive an email which informs you that you have a pending voice message, supposedly/technically from a friend/ one of your contacts.
  • If we want to listen to it, we just have to click on the “autoplay” button in the email.

whatsapp voice message

 

If there was any doubt, you are not downloading a voice message, instead you are downloading malware.

That’s why, so you don’t fall for this kind of scams, you should take this into account:

  • WhatsApp doesn’t send notifications for pending messages.
  • If we look closely to the sender’s address: [email protected], we will see it doesn’t have to do anything with WhatsApp.
  • The application won’t never refer to itself as Whats App.

The best thing you can do is just ignore these emails and install in your computer the best antivirus, which will block the malware in your computer.

The post Virus in the name of WhatsApp! Now via email! appeared first on MediaCenter Panda Security.

Amazon-Gift: the latest virus in WhatsApp

whatsapp virus

We are always saying that WhatsApp is the favorite platform for cybercriminals to play around. And if we add the name of a giant like Amazon, the scam is bound to be a success.

The Trojan known as Amazon-Gift tell users through a WhatsApp message that both companies have joined and they are offering a gift-card. And if the user wants to obtain the check he must click on a link.

According to Tecnoexplora, this hoax is expanding through Asia and it won’t be long until it reaches the rest of the world.

But cybercriminals have gone a little further, urging users to click quickly if they want to be one of the lucky customers to win the prize as there are only 18.000 gift cards available.

The prize is none other than a Trojan that will infect your mobile phone and add it to a network from which other cyber-attacks will be launched.

So, now you know if someone sends you an Amazon-Gift forget it and don’t click on the link!

The post Amazon-Gift: the latest virus in WhatsApp appeared first on MediaCenter Panda Security.

WhatsApp: 6 scams you must pay attention to!

security on whatsapp

The success of WhatsApp has a downfall: while the instant messaging service reached 600 million active users last summer, the numbers of frauds emerging around the app are also growing steadily.

What are the most common scams in WhatsApp? What should we do so we don’t take the bait?

WhatsApp: 6 scams you must pay attention to!

  1. A fake invitation to WhatsApp voice calls

With the arrival of WhatsApp voice calls a new fraud has emerged. While millions of users are waiting for an invitation to access this new feature, cybercriminals are distributing the malware via a link, which automatically downloads the malware.

whatsapp voice calls

To avoid falling into the new WhatsApp fraud, you should keep in mind that voice calls are only available for Android phones.

  1. Frauds via browser

After WhatsApp launched their browser platform, fraudulent websites were created to steal your banking data.

This fake webpages use different types of scams:

  • Asking for the phone number of the gullible users and then, subscribing them to downloading premium services which charge special rates.
  • Making users download an application in their computers, but actually is a Trojan that will allow cybercriminals to obtain confidential information, such as banking information.

In this case, one thing to remember is that the only browser version of WhatsApp is free, and you don’t need to download anything to your computer to use it.

  1. How to disable the blue double check

Scammers also tried to take advantage of WhatsApp’s double check launch. Before the instant messaging service allowed disabling this feature, in social networks we could find advertisements of fraudulent services for getting rid of the darned double check.

doble check azul whatsapp

Getting some users to sign up for a premium SMS service without knowing it, which has a special rate. Remember: you can disable the double check feature from the app.

  1. WhatsApp Gold

The Spanish National Police and Civil Guard reported a couple of months ago the existence of a scam that can be expensive, actually, 36 euros per month.

The fraud starts with a message via social networks in which WhatsApp users are invited to click on a link to update their app to the inexistent Oro version (Gold version), including supposed new and exclusive features.  The link takes the user to a web page where, if he wants to use these improvements, he has to give his phone number.

In fact, all those who gave their number will subscribe to a premium SMS service: each text message that you receive will cost you 1.45 euros, until a maximum of 36.25 euro per month. If you ever cross paths with this message, remember there is only one official version of WhatsApp. Common sense is, as usual, your best ally.

  1. The fake voicemail of WhatsApp

In contrast to the ones before, this scam doesn’t take the advantage of a recently launched service, it just invents one. It starts when a user receives an email, in which they inform him that he has an unread voice message in the WhatsApp nonexistent voicemail.

When he hits “Play”, there is no message, but it downloads malicious software that the scammers introduce to your device. From that moment on, text messages with special rates or the theft of confidential information can cause the user a great deal of trouble. Remember: there is no WhatsApp voicemail.

  1. WhatsApp’s Spy

We are aware of the existence of WhatsApp Public, an application that allows you to spy your contacts in WhatsApp, but there is a scam that goes one step ahead and offers( with a similar name) a service which allows anyone to read conversations of others. But it is just another way of infecting with malware the gullible user’s phone.

whatsapp spy

Obviously, you can’t spy other people’s conversations and the only change it will bring it will come in your phone bill, which will increase considerably.

Remember that it is important to maintain your cellphone’s security. If you want, you can download free of charge our antivirus for Android.

The post WhatsApp: 6 scams you must pay attention to! appeared first on MediaCenter Panda Security.

WhatsApp calls available for Android!

whatsapp phone

Waiting is over! Calls via WhatsApp are available for Android users, but just for some users and only if they have the latest version installed. These calls can be made with an app beta version and also with the 2.12.5 update, launched already in Google Play.

Nevertheless, if you are an Android user and meet these requirements, but still aren’t able to use it, don’t despair. As before, WhatsApp hasn’t deployed it automatically yet.

How can you activate the calls in WhatsApp? For example, if you get a call from one of your contacts that already has it activated!

If not, just a bit of patience, and wait for your turn! Meanwhile, don’t fall for scams!

And if you want to protect your phone, download now our free Android antivirus.

The post WhatsApp calls available for Android! appeared first on MediaCenter Panda Security.

Watch out! WhatsApp Calling, the new WhatsApp scam!

whatsapp voice calls

Since WhatsApp announced that they were adding free voice calls to its services, cybercriminals have been trying to take advantage of it, and they have done it!

How are they doing it? Via a WhatsApp message wich invites the users to “try” the voice calls. If you get it, just ignore it!

Congratulations!! You’ve been invited to try Whatsapp Calling! Invite Your 10 Activate WhatsApp Friends to Activate Whatsapp Calling”.

whatsapp calling scam

Our collegues of Softonic have tried it and, obiously,  it turned out to be a scam. By clicking on the link you are redirected to a fraudulent site in wich after inviting ten friends you will be able to make voice calls via WhatsApp.

As you can imagine, by doing so, not only you won’t be able to call anyone, but you will be sending spam to those ten friends you chose!

We know you are eager to make calls via WhatsApp, but don’t be anxious! The safest way for installing this option will be when the own app informs you that you can make voice calls free of charge!

The post Watch out! WhatsApp Calling, the new WhatsApp scam! appeared first on MediaCenter Panda Security.