WhatsApp coup affects more than 5 million Brazilians in 2020

Recent projections by the dfndr lab, a laboratory specializing in digital security at PSafe, point out that more than 5 million Brazilians were affected by a WhatsApp cloning scam last year.

The messaging app is attractive to cybercriminals as it is one of the most used in the world, thus becoming a fertile environment for this and other scams. In the ranking of Brazilian states most affected by the coup are São Paulo, in the first place, with 71,900 victims, followed by Rio de Janeiro with 39,500 and in third Minas Gerais, with 28,700.

Emilio Simoni, director of the dfndr lab, explains that this scam begins even before the cybercriminal takes possession of the victim’s WhatsApp: “It is common that, now that the scam has become so popular, cybercriminals seek increasingly creative ways to attract new victims . We have identified several fake profiles on social networks, many even impersonating companies, in an attempt to gain people’s trust. It is through a first contact with the possible victim, that the scammer uses social engineering to convince him to pass his PIN code, with which he can improperly gain access to a WhatsApp ”.

Look this
PSafe blocks more than 120 thousand fake “Pokémon GO”
SP targeted 25% of attacks blocked by PSafe

In the strategy of creating fake profiles, scammers simulate the look and language of the original brands. “It is normal for criminals to contact each other via social media chats, posing as the support of companies or inventing false promotions and research, all in order to obtain the information necessary to apply the scam. For this reason, it is essential to pay close attention whenever a profile, which supposedly belongs to a brand, contacts you on social networks. Avoid giving your cell phone number or any code you receive in such approaches ”, recommends the director.

Damage to victims and their contacts

Once cybercriminals have access to the victim’s WhatsApp, they study the messages to understand the user’s behavior and how to communicate. After that, the scammers start conversations with the contacts posing as the account owner, and once again using social engineering they try to convince them to provide financial favors, which are usually requests for loans and / or payment of bills.

“However, asking for favors is not the only risk of this coup. By having access to the victim’s account, the scammer will be able to read everything she shared or was sent to her, whether it be personal data, confidential information of the company she works for, photos and documents. Putting your hands on this type of content can open up a range of options for cybercriminals to blackmail and apply other scams to the victim’s data, ”explains Simoni.