Appointments to get vaccinated against covid-19 turn out to be a hoax to steal WhatsApp accounts

Cybercriminals search through the person’s contact list and send a series of messages requesting money loans in their name.

Cybercriminals continue to use a type of deception that involves vaccination against Covid-19 to steal the WhatsApp accounts of their victims, information that they then use to steal money from other persons.

During 2021, the cybersecurity company Eset reported that there were cases in which some cybercriminals posing as representatives of the city government Buenos AiresArgentina, who allegedly contact people for a campaign of vaccinationbut it’s actually for 7ysteal personal data of the users.

Users alerted in October 2022 through Twitter about this modus operandi posing as a person from the Ministry of Health.  (ESET)
Users alerted in October 2022 through Twitter about this modus operandi posing as a person from the Ministry of Health. (ESET)

How the scam works

Victims are contacted at WhatsApp by a person using an image of the Ministry of Health of the Province of Buenos Aires, generating a sense of security for the future victim.

Camilo Gutiérrez Amaya, head of the Research Laboratory of ESET Latin America, states that criminals request a 6-digit code that will be received through text messages. “This is the code that sends WhatsApp to the phone number associated with the app to verify that it is the real owner of the line who is trying to open a bill of WhatsApp in a telephone”, he indicated.

In addition, cases have been reported that some people have even shared a voicemail of WhatsApp that contains the same information that can violate the security of users and gives the possibility of opening a second account in that platform on an additional device.

However, the deception is not yet complete as the criminals want to get economic benefit of his victim. That’s why you look at the list of contacts of the person and sends a series of messages posing as the account holder to apply for loans of money in your name.

Cybercriminals search through the person’s contact list and send a series of messages to request money loans in their name. REUTERS/Given Ruvic/

Although this is only the beginning of a series of new attacks that could be generated as a result of having an entire list of contacts. According to ESET, many people fall into this type of scams and that is why the users they must be informed and prepared to avoid similar situations.

How to avoid being a victim

The best way to avoid being a victim more of cybercriminalsis to take preventive measures and not trust anyone sensitive informationsuch as data related to accounts in social networksservices, applications, bank accounts, etc.

In the case of text messages or by email of people offering some kind of benefit on a platform whose services were not contracted or that have a offer too good to be true, it is best not to interact with him contents of these communications and delete them completely.

In addition, it is recommended that users avoid clicking suspicious links or that redirect to websites not sure yet if these were sent by known people who are within the contact list. In this type of case it is preferable to ask if that link was sent voluntarily and why it was directed at the user.

Some cases of cyber attacks start by offering a benefit but to access it you need to send a link to a certain number of contacts. It is preferable to avoid giving any type of information on this type of site and to spread these websites.

:

Exit mobile version