New WhatsApp Phishing Scam Targets Users' Contacts

Severity: Medium (Score: 54.8)

Sources: Abc7Ny

Summary

A new phishing scam targeting WhatsApp users has emerged, with scammers impersonating the app to steal personal information. Users may receive messages claiming their app credentials need resetting, leading them to malicious links that compromise their saved contacts. Matthew Stern, CEO of CNC Intelligence, reports that over a dozen fake WhatsApp domains are registered daily, often with slight variations in spelling. Scammers exploit urgency and fear, using tactics like fake Amazon recalls and Apple iPhone orders to lure victims. AARP's Amy Nofziger emphasizes the importance of verifying links before clicking. Users are advised to treat unexpected messages with caution and double-check URLs. This scam poses a significant risk to personal data and financial security. Key Points: • Scammers are impersonating WhatsApp to steal user credentials and contacts. • Over a dozen fake WhatsApp domains are registered daily. • Urgency and fear tactics are commonly used in phishing attempts.

Key Entities

• Phishing (attack_type)
• abc.com (domain)
• T1566.002 - Spearphishing Link (mitre_attack)
• WhatsApp (platform)