For those of you who can’t seem to get enough of Whatsapp, you may now connect to most popular messaging system via your web browser.
Last month, Whatsapp launched its web client called Whastapp Web, giving users the means to read and send messages directly from their browsers.
Unfortunately, cybercriminals are always lurking around. When the opportunity presents itself to spread malware at the expense of unsuspecting victims, cybercriminals do not waste time. They jumped right in and make life hell for us.
What are they up to now? It has been reported that they have taken advantage of Whatsapp Web and tricked users into downloading a fake app disguised as a desktop variant. A seemingly genuine Whatsapp Web for Windows was found in a spam campaign for fake download that actually spreads financial malware Trojans.
A number of domains have been registered by these criminals to host their malware. Some were found to be already in use; one of them, whatsappcdesktop.com.br, was found to be distributing Brazilian banking Trojan, while others were yet to receive instructions from the criminals. On the other hand, unsuspecting users have been tricked into installing a suspicious Google Chrome extension that look like a simple messaging app, but in actual fact had nothing to do with Whatsapp.
All too often, users are easily convinced to download apps that look legitimate. Some of these apps look promising and if it looks promising, why not install them? In this case, the main objective of the criminals is to capture the mobile numbers of the victims, and some victims were requested to submit their mobile numbers while attempting to download the fake Whatsapp Web client. With these mobile numbers, the criminals would be to run spam campaigns or cause the victims to unknowingly subscribe to premium-rate-services (see Definition), at the expense of the victims.
What users have to realize is that a click on a single unwanted message can lead to unwarranted problems for the victim. It could just prove to be a very costly mistake.
So, be vigilant and always keep in mind that it is almost impossible to avoid unwanted messages. If you really want to access Whatsapp on the web, do so from their official website, https://web.whatsapp.com.
Premium-rate-services – basically are goods and services that you can buy by charging the cost to your phone bill.