In 2013 we shared a series of blog posts about several WhatsApp scams making the rounds redirecting people to pharmaceutical sites and malware.
In recent weeks we have seen that these scams have made a comeback and are evading modern spam filters.
Sample Spam Email:
Using the email above as an example, by pressing the 'Play' button on a Desktop or Mobile browser the user is taken to a site masquerading as an article from the BBC titled:
SPECIAL REPORT: We expose how to lose 23 lbs of Belly Fat in 1 Month With This Diet Cleanse That Celebrities Use
Instead of taking the user directly to the scam site, they try to dupe the would-be victim into thinking that the deal is legitimate by impersonating the above article. All other links lead to the real BBC site, however attempting to leave the page will also launch a pop-up window to the fake shop which can be confused for a legitimate advertisement.
Pop-up window loads when leaving the site:
If the user chooses to learn more about the 'celebrity cleanse' they are then taken to a site where they are prompted to enter personal information including personal email, postal address, and phone number.
Sample screenshot of the landing scam page:
Increasing mandates around the security of personal data have made encryption for every business. Australian businesses are leading the world in the use of encryption to protect backups, payment-related data, and laptops – and yet they still have a long way to go before encryption is both ubiquitous and manageable.
Increasing use of encryption has created new challenges for enterprise security managers. Ever more-sophisticated encryption such as Perfect Forward Secrecy (PFS) protects data and may even boost your Google ranking – but it also provides a haven for malicious code that may use encryption to bypass enterprise security controls.