The WhatsApp messenger is due to its great popularity repeatedly the victim of scams. Scammers camouflage their attacks with the so-called “phishing” method as serious news. Often credit card or credentials for the bank account are requested for supposedly valid reasons. Sometimes malware, which is malicious software, is also distributed via the messenger.
Beware of phishing messages camouflaged as an update
To under-cheer users of malicious software, messages are often sent, such as to invoke a security update. This is justified by the loss of important data.
At the end of February, the site Onlinewarnungen.de warned against a WhatsApp message, which asked the recipient to download an update for WhatsApp, because the app was allegedly hacked:
Your WhatsApp version has been hacked! Install the update IMMEDIATELY!
Otherwise WhatsApp will not be responsible for your data.
Link to the update file: https://bit.ly/2GJGvtu
Enter OK to activate the link.”
The message was sent by the Afghan mobile number +79257191762. If you ever receive a message from this number in the future, contact WhatsApp Customer Support immediately. The link can be found here: https://www.whatsapp.com/contact/?subject=messenger&lang=en.
The now deleted link referred to a file called “Security_Update.apk”, which can only be opened on Android smartphones. Windows, iOS and Mac users are safe because the file does not even open. The link must first be opened with a browser such as Google Chrome so that the data is ever downloaded. When the download is complete, a message will appear asking if you really want to install the file. When the installation is confirmed, an icon will appear on the home screen named “WhatsApp Update”.
This can happen when you install a malware app
For example, a spyware application may be behind the installed app. If you click on it, you will be redirected to the system settings to give the apps specific access rights. Once the app is open, it keeps coming to the fore until the appropriate rights have been granted. After that, it is possible for the hackers to track all your activities on the smartphone, as well as to read out your passwords.
You have to do that if you have been the victim of a malware attack
Disconnect immediately any connection to the Internet, so both the mobile network and the WLAN. This will at least interrupt the data transfer and hackers will no longer be able to access your device. In most cases, you need to completely reset the smartphone to factory settings, as this is the only way to remove all traces of the malware. The simple uninstalling of the app is often not enough, because it is implanted in several places on the smartphone and can even reinstall itself after the deletion. If you have not backed up your data, all data will be lost when you reset it.
How to Protect Yourself from Android Malware
It’s relatively easy to protect yourself against malicious software by never downloading updates from sources other than the Google Play Store. Because it is only here Google’s own Play Protect service, which examines apps for malware, really.
Fortunately, the Android operating system has a built-in protection feature that, by default, prevents apps from sources other than the Google Play Store from being installed. While it is a system-wide restriction in the older version of Android, but can be changed with one click for all apps, the user can decide from Android 8 Oreo itself, which sources he wants to allow the installation of apps. So if you have a smartphone running Android 8 or 9 and Chrome or another browser asks you if you want to allow installation from that source, always click NO. WhatsApp updates are always distributed through the Google Play Store. WhatsApp will NEVER to ask to install the update via the messenger itself.