Fortegra’s Response to Coronavirus (COVID-19). Click Here to Learn More.


Data protection & security

Stealthy cybercriminals target WhatsApp users

Stealthy cybercriminals target WhatsApp users


Cybercriminals know how to create an alluring trap. Recently, they have circumvented many consumer apps' weak security systems and gained access to smartphone users' personal information. Stealthy methods, such as creating imitation apps of popular games like Flappy Bird, have allowed data thieves to install malware applications on their victims' phones.

Cybercriminals begin their attacks by providing incentives that appeal to a large portion of smartphone owners. The fake Flappy Bird developers realized that there would be a consumer demand for similar apps after the game was pulled from app stores. Now, cybercriminals are targeting one of the most popular text messaging programs - WhatsApp.

WhatsApp has been a popular subject of recent news headlines due to Facebook's $19 billion acquisition of it. But now, stories are shifting focus to vulnerabilities in its security features. 

Paul Jauregui of information security provider Praetorian explained cybercriminals' use of WhatsApp in a recent blog post.

"It basically allows them - or an attacker - to man-in-the-middle the connection and then downgrade the encryption so they can break it and sniff the traffic," said Jauregui. "These security issues put WhatsApp user information and communications at risk."

The cybercriminals' plan of attack
According to Panda Labs, the research arm at Panda Security, data thieves are advertising apps via Facebook's "suggested post" feature. These ads try to convince WhatsApp users that they can spy on their contacts' text messages. Another post from the cybercriminals suggests that individuals can hide their WhatsApp status.

These ads redirect people to a fake Google Play page on which Android users can install the app. The page is filled with phony reviews that praise the app. Upon closer examination, one can see that not all of the details on this page are consistent. Panda Labs noted that the app has a score of 4.5, but it only has 3.5 stars. Additionally, the page claims that the score was generated from 35,239 votes, but the number of votes in the right column totals 44,060.

When Android users download the app, they unknowingly subscribe to a premium-rate SMS service. The app installs an SMS receiver that gives data thieves the ability to manage inbound text messages. 

Know how to protect your data
One of the reasons why cybercriminals often succeed in gaining access to personal information is that they are able to design apps well enough to make them seem legitimate. It can be difficult for Android users to identify fake Google Play pages because they closely resemble the actual pages.

Cybercriminals know smartphone owners tend to trust apps that are popular, which is why they include false statistics that indicate millions of downloads and positive ratings.

Even if these statistics were true, smartphone owners should know not to trust an app's safety just because it is popular. For example, Snapchat, the viral photo messaging service, experienced a security breach that affected 4.6 million users, according to The Washington Post. In fact, cybercriminals often target popular apps so that they can infiltrate a greater number of devices, so mobile users should be cautious about the safety of every app they download. Researching the protection and encryption measures of apps can help smartphone owners determine which ones are safe to download.

In addition to learning about apps' security features, you can protect your personal data with ProtectCELL's data protection plan. This program allows you to keep data safe by locating and locking devices that have been lost or stolen. ProtectCELL also lets you back up contacts, texts, events and photos and erase personal information if necessary.

Add to Twitter Add to Facebook Add to LinkedIn Add to Digg Add to StumbleUpon Add to Delicious

Related Articles

Securing the data on consumer smartphones is essential.

Legislators debate smartphone security


Standardizing IT security measures is a common practice, and mandating smartphone network protection may become a more popular idea as time progresses.

Read More
Mobile security 101: The basics to keep you safe

Mobile security 101: The basics to keep you safe


To keep your mobile devices and data safe, here are five basic tips to follow.

Read More
5 tips for Android users to enhance mobile security

5 tips for Android users to enhance mobile security


Android has established a firm place for itself in the smartphone market.

Read More
Stay safe with your BYOD smartphone

Stay safe with your BYOD smartphone


In the modern corporate world, it seems that both company leaders and employees are ecstatic about the bring-your-own-device movement.

Read More