WhatsApp Fraudsters Have Many Victims, Here's a List of the Latest Methods for 2024
Photo: cover topic/whatsapp looking for money/Aristya Rahadian Krisabella
- Online fraud often occurs. The perpetrators used many things, including WhatsApp, to ensnare their victims.
WhatsApp is known as a platform that is widely used in the world. The platform, which is a subsidiary of Meta, is also often used by users in their daily activities.
Most scams via WhatsApp make use of APK files that are randomly sent to other people's cellphone numbers. The goal is for the chat recipient to click and download the file and then unknowingly install the malicious application on their cellphone.
This method of hacking, known as phishing, is similar to the crime of sending links via email. Online fraudsters hope that the recipient of the email or WhatsApp will provide access unknowingly so that their cellphone or financial account can be taken over or hijacked.
For more details, here are a number of online fraud modes on WhatsApp this year:
1. Courier Mode
This fraud was reported by an Instagram account that revealed a Telegram chat with someone claiming to be from J&T. The fraudster sends an attachment with a file name in the form of an apk with the words VIEW Package Photos'.
Those who download the file will lose money deposited in the bank. Various data, including financial, will be taken by the perpetrators.
2. Wedding Invitation File
This fraud has become a topic of much discussion because many WhatsApp users have received it. They were sent an apk file by an unknown person, namely a wedding invitation.
The file or application with the title Digital Wedding Invitation Letter is 6.6 MB in size. Fraudsters invite their victims to open files to check the authenticity of the files inside.
3. Fake traffic ticket
A number of netizens also found themselves being sent fake traffic tickets. There is an apk file entitled 'Surat Tilang-1.0 apk' in the chat.
"WARNING! Be careful of fraud using this method of sending a ticket via WhatsApp. Never click/download files with the extension ".apk" from unknown people on your gadget," tweeted the account @MurtadhaOne1.
4. Check out MyTelkomsel
There have also been other scams on WhatsApp using the name MyTelkomsel. This is an application belonging to the operator Telkomsel.
The victim will be asked to click on the apk file that was sent. Next, they will be asked to provide access permission to a number of applications, including photos, videos, SMS, and access to digital banking or fintech service accounts.
5. Announcement from the Bank
Another scam is making announcements that appear to come from the bank. It contains unreasonable changes in transaction and transfer rates.
WhatsApp users will be given a link to fill out the form. This link will result in their data being stolen by the perpetrators.
6. VCS Invite
Another method is to make video call sex (VCS) from unknown numbers. They are said to be blackmailing their victims.
Contacted some time ago, cyber security expert Alfons Tanujaya said this method exploits a person's ignorance about technology and makes it a threat. "This is in principle blackmail that takes advantage of someone's ignorance or security about technology," he said.
"If you are in doubt and are being blackmailed, contact a friend who understands and ask for help to deal with threats that we don't understand, don't just follow the threats," he explained.
Drain account using QR code
Another frequently used method is quishing, which is a combination of QR codes and phishing. The perpetrator will lure the victim to obtain their personal information and details.
Buyers make qris payment transactions at Santa Market, Jakarta, Monday, (3/7). (CNBC Indonesia/Muhammad Sabki)
When scanning a QR Code, the victim will usually be taken to a certain site. Apart from being able to show regular text messages, the site can track the list of applications to the victim's map address. Perpetrators take advantage of this ability to direct potential victims to fake websites. They will make it difficult for people to detect the sites they want to visit before opening the web.
Wired said that quishing perpetrators will trick someone into downloading something onto the device. These downloads will harm the victim's device.
The next step, victims will be asked to enter some login credentials. This information will be obtained by the perpetrator of the quishing. This crime is increasingly massive because QR codes can be created easily and by anyone. One can make it even without any special skills.
How to Avoid Quishing
However, there are ways to avoid the crime of quishing. The main thing is not to trust QR codes that are installed in public places or given to people who don't know where they come from.
You can also recognize QR codes with criminal intent. Because usually fraudsters will increase the sense of urgency and worry of potential victims. For example, by including the statement, "Scan this QR code to verify your identity or prevent deletion of your account."
Finally, don't forget to enable two-factor authentication on each account. Also, don't forget to log out of devices you no longer use.