BACKGROUND
BruCERT has received reports of scam text messages shared via WhatsApp, offering a COVID-19 relief fund from the government. The message includes a malicious link which appears as http://bit.ly/COVID19_SUPPORT-FUND
Clicking on the link will redirect the user to a malicious website where they will be asked to enter personal information and the amount that they require from the relief fund. After providing the information, they will then be asked to forward the link to about 15 WhatsApp contacts or 5 WhatsApp groups. They will also be asked for bank details where the fund can be transferred.
Researchers who tested the link found that the website runs malicious activity in the background (attempting to steal credentials) while the user answers the questions given.
IMPACT
- Phishing attack
- Personal information and credentials can be stolen and compromised
- Identity theft
- Breach of WhatsApp contact list
RECOMMENDATIONS
- Be skeptical of forwarded messages. If something sounds too good to be true, it usually is.
- Do not click on any suspicious links.
- If you receive a similar message, take screenshots as evidence and report the scam.
- Verify the source by contacting the organization that it claims to be from. Government officials will never ask for personal and financial information via WhatsApp or unofficial communication channels.
- Never provide your personal or financial information unless you are sure who you are talking to.
- Double-check links, websites or emails before clicking.
- Do not share any message if you are unsure of its legitimacy.
- Keep yourself updated with official information on COVID-19 funds and charities.
- Always update your operating system (OS) to the latest version.
- Install antivirus and update it automatically.
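
The traits described in the background (a shortened link, relief-fund wording in the link, a request to forward to contacts) can be checked mechanically before anyone clicks. The following is an added example, not part of the BruCERT advisory; the shortener list, keyword list, the forward-request pattern and the sample messages are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Assumed lists for illustration; extend them from your own reporting data.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "cutt.ly", "is.gd"}
LURE_TERMS = ("covid", "relief", "fund", "support", "grant")
# Assumption: some forwarded copies repeat the site's request to pass the link on.
FORWARD_RE = re.compile(
    r"\b(forward|share|send)\b.{0,60}\b(\d+)\s+(whatsapp\s+)?(contacts|groups|friends)\b",
    re.IGNORECASE | re.DOTALL)
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def triage_message(text):
    """Return a sorted list of reasons the message resembles the reported scam."""
    reasons = set()
    for raw in URL_RE.findall(text):
        url = urlsplit(raw.rstrip(".,)"))      # drop trailing sentence punctuation
        host = (url.hostname or "").lower()
        if host in SHORTENERS:
            reasons.add("shortened-link")      # real destination is hidden
        if url.scheme.lower() == "http":
            reasons.add("no-tls")              # plain HTTP link
        slug = (url.path + "?" + url.query).lower()
        if any(term in slug for term in LURE_TERMS):
            reasons.add("lure-in-link")        # relief-fund wording in the link
    if FORWARD_RE.search(text):
        reasons.add("asks-to-forward")         # chain-forwarding request
    return sorted(reasons)


# Constructed sample messages (not real reports).
SAMPLES = {
    "scam-like": "Govt COVID-19 relief! Apply: http://bit.ly/COVID19_SUPPORT-FUND "
                 "then forward this to 15 WhatsApp contacts.",
    "benign": "Meeting notes are at https://intranet.example.org/notes/today",
}

if __name__ == "__main__":
    for name, msg in SAMPLES.items():
        print(name, triage_message(msg))
```

A message that returns several reasons is a candidate for reporting rather than proof of a scam; an empty list does not make a link safe.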