Be cautious if you receive an unexpected message prompting you to participate in a vote as scammers are utilizing a new tactic to deceive chat app users. Neglecting certain precautions could lead to accounts being compromised.
This emerging threat capitalizes on popular voting systems that allow users to express their opinions and disclose their preferences for various celebrities or athletes.
According to the security experts at Kaspersky, these messages may disguise malicious intent. Instead of presenting a genuine voting opportunity, they contain links redirecting individuals to fraudulent websites where personal information is stolen.
“The deception begins by guiding users to a seemingly authentic webpage promoting a voting competition,” explained Kaspersky. “For example, the page might showcase images of athletes, each accompanied by a ‘Vote’ button and live counters displaying supposed vote counts and participant numbers.”
Those who fall for the scam risk divulging their usernames and private 6-digit codes to fraudsters, enabling them to take over the account.
Tatyana Shcherbakova, Web Content Analyst at Kaspersky, elaborated: “We observe a rising trend in online contests incorporating voting, which attackers exploit by leveraging trust in this seemingly harmless activity. By merging social engineering with convincing fake interfaces, attackers are weaponizing user engagement to pilfer sensitive data. Awareness and caution are crucial for maintaining security.”
To safeguard against such hijacking scams, Kaspersky advises adhering to these four guidelines:
– Activate two-step verification on WhatsApp to enhance security by requiring a PIN for account access.
– Exercise caution when entering personal details on unfamiliar websites, particularly those accessed through unsolicited links. Always validate the URL’s authenticity.
– Refrain from sharing verification codes, as WhatsApp never requests this information. Do not disclose it to anyone or accept it from any source, even if seemingly trustworthy.
– Employ reputable security software to identify and block malicious websites and links.