1 / 11

Beware of a Voice Message Phishing Scam on WhatsApp

In the first quarter of 2022, we are witnessing the rise in data theft malware activities and numerous malware campaigns. According to reports, these campaigns delivered over 28,000 emails, which led to information-stealing malware targeting sensitive information such as cryptocurrency wallets, files, and SSH keys stored in the system.<br>

infosectrain1
Télécharger la présentation

Beware of a Voice Message Phishing Scam on WhatsApp

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Beware of a Voice Message Phishing Scam on WhatsApp www.infosectrain.com | sales@infosectrain.com

  2. In the first quarter of 2022, we are witnessing the rise in data theft malware activities and numerous malware campaigns. According to reports, these campaigns delivered over 28,000 emails, which led to information-stealing malware targeting sensitive information such as cryptocurrency wallets, files, and SSH keys stored in the system. www.infosectrain.com | sales@infosectrain.com

  3. WhatsApp Voice Message in Email WhatsApp Voice Note in Email feature was introduced in 2013; the email campaign includes a WhatApp Voice Message with the subject of “New Incoming Voice message” and the body consists of “New Private Voicemail” along with the Play button. The sender ID implied that the email originated from the Center for Road Safety of the Moscow Region server (cbddmo.ru). It indicates that the email server has been compromised in promoting phishing campaigns. That message consists of the malware, in which the user clicks on the play button; it redirects to the page that notifies to allow permission from the browser. People who are unaware of malware campaigns would enable the notification, which further subscribes to adult sites, unnecessary ads, etc. Also, it will make users install the malware, which can lead to data theft. Although this involves using WhatsApp mail to promote the campaign, officially, WhatsApp does not have any connection with this campaign and does not have any such domain or landing pages. The attackers did not even use the logo of WhatsApp to avoid Gmail’s Verified Mark Certificate (VMC) check. www.infosectrain.com | sales@infosectrain.com

  4. What exactly is a Phishing Campaign? • The Phishing Campaign is an email scam performed to steal information from the targeted networks. It is an attempt done by the attackers to gather sensitive information about a person or organization, such as login credentials and credit card details, through emails. • Hackers can perform these campaigns by prompting official emails that allow users to provide sensitive information as it looks identical to the legitimate mail. Phishing is also used to spread malware by adding links, buttons, or mail attachments. • Types of Phishing Campaigns • The primary aim of any phishing campaign is to steal personal information, and there are many different types of phishing as follows: • Email Phishing • Spear Phishing • Smishing • Vishing • Whaling • Clone phishing • Social Media Phishing • Pharming • Business Email Compromise • Search Engine Phishing www.infosectrain.com | sales@infosectrain.com

  5. How to protect from Email Campaign? • Awareness campaigns are the best way to educate employees or the working staff to make them identify the difference between legitimate and spoofed messages or emails. Employees need to check for the following tips before clicking or opening a message or a URL: • Check for the email domains • Do not click on pages that alert you in a suspicious way • Do not allow permission to a page that is unfamiliar • Should prefer using official websites which are familiar • About InfosecTrain • InfosecTrain is one of the best Security and Technology Training and Consulting organizations that provides a wide range of IT Security Training and Services. It offers well-designed instructor-led courses over various certification programs related to cybersecurity and Information Security. These courses would help you to enhance your skills and become professional. www.infosectrain.com | sales@infosectrain.com

  6. About InfosecTrain • Established in 2016, we are one of the finest Security and Technology Training and Consulting company • Wide range of professional training programs, certifications & consulting services in the IT and Cyber Security domain • High-quality technical services, certifications or customized training programs curated with professionals of over 15 years of combined experience in the domain www.infosectrain.com | sales@infosectrain.com

  7. Our Endorsements www.infosectrain.com | sales@infosectrain.com

  8. Why InfosecTrain Global Learning Partners Access to the recorded sessions Certified and Experienced Instructors Flexible modes of Training Post training completion Tailor Made Training www.infosectrain.com | sales@infosectrain.com

  9. Our Trusted Clients www.infosectrain.com | sales@infosectrain.com

  10. Contact us Get your workforce reskilled by our certified and experienced instructors! IND: 1800-843-7890 (Toll Free) / US: +1 657-722-11127 / UK : +44 7451 208413 sales@infosectrain.com www.infosectrain.com

More Related