WhatsApp has become one of the most popular smartphone apps in the world, with over 1.5 billion monthly users. However, a recent report by Appthority has found that the instant messaging service is also one of the riskiest apps used by enterprises. Along with Facebook Messenger, WhatsApp is the most commonly blacklisted app in organizations due to its risk of data leakage and high volume of phishing attacks. Recently, two of the most common messages received by users have been the ‘Martinelli’ video and ‘WhatsApp Gold’ messages, one of which is a hoax while the other does have the potential to cause serious harm to the user’s device or sensitive data.
This scam takes advantage of naive or vulnerable smartphone users by instilling fear and worry into their minds. Users receive a message warning them that a new video will soon be released on the platform that, if viewed, can install malware onto the device and cause irreparable damage. The user is then instructed to pass the message on to other WhatsApp users, creating a chain effect. Messages generally take the same format, warning users of the ‘Martinelli’ video’s impending release and claiming to have originated from a supposedly ‘reliable’ source, such as an ‘IT colleague’ or law enforcement. Below are two such messages that circulated in Irish WhatsApp groups earlier this year:
What is interesting about these messages, however, is that they are a complete hoax. A ‘Martinelli’ video has never been released, as it simply does not exist. The scam seemed to originate in Spain, where police tweeted a picture of the fraudulent message and urged Spanish users not to pass it on to others. In Ireland, numerous news outlets and tech experts have reported that there is no viable threat to users or their devices and that these messages seem to be nothing more than junk mail and a modern chain mail campaign.
Source: Policía Nacional/Twitter
Messages warning of the ‘Martinelli’ video often come with another warning about ‘WhatsApp Gold’, a premium version of the messaging app. As seen in one of the messages above, users are warned not to click on a link to update the app and, unlike ‘Martinelli’, this warning is legitimate. Since 2016, users have been receiving messages inviting them to upgrade to exclusive services such as ‘WhatsApp Gold’ or ‘WhatsApp Plus’ that offer a range of extra features, including video chat, the ability to send over 100 pictures at once and the option to delete messages that have already been sent. Once the user clicks on the link, however, they are directed to a malicious website (such as the questionably named www.goldenversion.com) where they are instructed to download a malicious piece of software. This software can then be used to infect the device with malware and allow cybercriminals to steal sensitive data and track movements or device activity. It is thought that Android users have been mainly affected by these fraudulent messages. Claiming that WhatsApp will charge a fee or deactivate is also a commonly used tactic in chain mail campaigns, again taking advantage of users’ fear and lack of knowledge about cyber security.
How to avoid these scams
To avoid falling victim to these hoax messages or endangering the security of their smartphones and sensitive data, users should be aware that warnings like these are usually poorly written and more often than not are simply part of a chain mail campaign designed to irritate and worry smartphone users. They should not be passed on to other users and ideally should be deleted immediately. With regard to premium services such as ‘WhatsApp Gold’, WhatsApp never sends out messages or emails claiming to be from admin or staff. Users should be aware that they should never click on or download anything that comes from an external link and should only agree to upgrade when they see the official upgrade message sent via iTunes or the Google Play Store.
For organizations that are worried about employee devices becoming compromised by malicious links sent via WhatsApp, the initial reaction may be to blacklist the app and block employees from using it altogether. However, this may not be the smartest move as WhatsApp can be extremely useful for communicating both personally and professionally, especially when employees are on-the-go. Corrata understands this and provides a mobile threat solution that detects and blocks access to any malicious site or download, allowing employees to continue using WhatsApp but ensuring that sensitive data and mobile devices are always protected from fraudulent or malicious attacks.
To find out more about how Corrata’s solution could help protect your organization’s mobile devices from fraudulent WhatsApp messages and other threats, visit www.corrata.com or email us at email@example.com.