WhatsApp Fraud Modes Increase, Latest Style Has Many Victims

Jakarta, CNBC Indonesia – Fraud on the internet is increasingly happening. This includes many methods used to commit fraud on WhatsApp.

Most modes utilize APK files. The file will be sent randomly to many numbers and it is hoped that the recipient or potential victim will press the download button for the dangerous file.

The following are a number of online fraud modes that occur on WhatsApp:

1. Courier Mode

This fraud contains someone claiming to be from J&T. Fraudsters send an apk file attachment with the words See Package Photos and ask victims to download it.

When downloaded, the victim will lose the money held by the bank. The victim’s data, including financial data, will also be stolen by the fraudsters.

2. Wedding Invitation File

A file such as a wedding invitation will be sent to many WhatsApp users. This apk file is entitled Digital Wedding Invitation Letter, the size is 6.6 mb.

Just like the previous method, the fraudsters will urge the victim to open the apk file.

Read: Beware of Fake WhatsApp Applications Stealing Data and Hacking Accounts

3. Fake traffic ticket

Many WhatsApp users also received apk files as if they had been ticketed. The apk file is titled ‘Surat Tilang-1.0 apk’.

“WARNING! Be careful of fraud using this method of sending a ticket via WhatsApp. Never click/download files with the extension “.apk” from unknown people on your gadget,” tweeted the account @MurtadhaOne1.

4. Fraud in the Name of MyTelkomsel

Another method is to use the name of Telkomsel’s application, MyTelkomsel. Just like before, there will be an apk file that the victim receives and is asked to download.

The file will also request access permission for a number of applications, including photos, videos, SMS, and access to digital banking or fintech service accounts.

5. Announcement from the Bank

The fraudsters also appear to make announcements from the bank. The contents of the announcement relate to unreasonable changes in transaction and transfer rates.

Potential victims will be asked to fill out a form in a link. However, this link will steal a number of sensitive data belonging to the victim.

Read: Don’t just download applications on your Android cellphone, your account will be completely drained!

6. VCS Invitation

Another fraud is carrying out video call sex (VCS) and then blackmailing the victim. According to cyber security expert Alfons Tanujaya, this method takes advantage of a person’s ignorance about technology.

“If you are in doubt and are being blackmailed, contact a friend who understands and ask for help to deal with threats that we don’t understand, don’t just follow the threats,” explained Alfons.

7. Use QR

The perpetrators also tried to obtain the victim’s personal information using a combination of QR codes and phishing methods. The QR code will take you to a specific site that can trace the list of applications to the victim’s address.

Victims will also be redirected to fake websites. The perpetrator will make the site difficult to detect before the website is opened.

Beware of quishing scams

Fraud using QR codes to ensnare victims is called “quishing”. For your information, “quishing” is a combination of QR codes and phishing. Through this method, the perpetrator will lure the victim to obtain personal information and data.

In this mode, the victim will be taken to a certain site after scanning the QR Code via cellphone. Apart from being able to send regular text messages, this mode is also able to show a list of applications and even map addresses.

Perpetrators take advantage of this ability to direct potential victims to fake websites by making it difficult for people to detect the site they want to visit before opening the web.

Wired wrote that quishing perpetrators will trick someone into downloading something onto the device. These downloads will harm the victim’s device.

This crime is increasingly massive because QR codes can be created easily and by anyone. One can even make it without any special skills.

However, there are ways to avoid the crime of quishing. The main thing is not to trust QR codes that are installed in public places or given to people who don’t know where they come from.

You can also recognize QR codes with criminal intent. Because, generally fraudsters will increase the sense of urgency and concern of potential victims, for example by including the statement “Scan this QR code to verify your identity or prevent deletion of your account”.

Finally, don’t forget to enable two-factor authentication on each account. Additionally, it also logs out devices that are no longer in use.

Source : CNBC INDONESIA