If you receive a sudden message prompting you to participate in a vote, exercise caution. Scammers are employing a new strategy to deceive users of chat apps, and failure to adhere to basic precautions could result in accounts being compromised.
This new threat exploits the popularity of voting systems, where users can express their preferences for favorite sports personalities or actors.
According to cybersecurity experts at Kaspersky, these messages may not be as innocuous as they appear. Instead of facilitating an interactive voting process, they contain links that redirect individuals to fraudulent websites designed to steal personal information.
Kaspersky elaborated that the scam commences by directing users to a seemingly legitimate webpage promoting a voting competition. The page typically showcases images of athletes, each accompanied by a “Vote” button and live counters displaying supposed vote tallies and user participation numbers.
Those who fall for the scheme may unwittingly provide scammers with their usernames and private 6-digit codes, which are then exploited to seize control of the account.
Tatyana Shcherbakova, Web Content Analyst at Kaspersky, emphasized, “We observe a surge in online contests incorporating voting, a trend exploited by attackers leveraging the perceived harmlessness of this activity. By blending social engineering with convincing counterfeit interfaces, hackers are leveraging user engagement to pilfer sensitive data. Alertness and caution are paramount for safeguarding oneself.”
To safeguard against such hijacking schemes, Kaspersky advises following these four guidelines:
– Activate two-step verification on WhatsApp to enhance security by requiring a PIN for account access.
– Exercise caution when entering personal details on unfamiliar websites, particularly those accessed via unsolicited links. Always verify the legitimacy of the URL.
– Refrain from sharing verification codes, as WhatsApp never requests this information. Do not disclose or accept verification codes from any source, even if they appear trustworthy.
– Employ reputable security software to identify and block malicious websites and links.
We and our partners at Reach, along with our entities, utilize data collected through cookies and other identifiers from your device to enhance your site experience, analyze usage patterns, and deliver personalized advertising. You can choose to opt out of data sharing or selling by clicking the “Do Not Sell or Share my Data” button at the bottom of the webpage. Please note that your preferences are specific to the browser. Your use of our website and services signifies your consent to cookie usage and agreement to the practices outlined in our Privacy Notice and Cookie Policy.
