WhatsApp attack: 'Tens of thousands' fall victim to Russian voice message ambush

A phishing attack designed to look like a WhatsApp voice message has already compromised tens of thousands of email accounts.

The tried-and-tested attack method appears to be a harmless email containing a link to a WhatsApp voice message.

But anyone clicking on the link is taken to a malicious website that attempts to install a virus on the victim’s device.

Cyber security researchers at California-based Armorblox report that nearly 28,000 mailboxes – across both Gmail and Microsoft’s Outlook program have been impacted by the ambush.

More worryingly, the company says the email attack comes from a valid Russian-based domain.

The experts say the ‘mailman.cbddmo.ru,’ domain is associated with an organisation known as the ‘Center for Traffic Safety of the Moscow Region’ – which is a part of the Russian Ministry of Internal Affairs.

The phishing email contains the subject line ‘New Incoming Voicemessage’ and is supposedly from a WhatsApp Notifier function.

The fake WhatsApp email containing a dangerous link

The security researchers say that, although it looks authentic, it’s actually a trick.

‘Upon clicking the “Play” link in the email, recipients were redirected to a page that attempts to install a trojan horse JS/Kryptik,’ explained Lauryn Cash from Armorblox.

‘This is a malicious obfuscated JavaScript code embedded in HTML pages that redirects the browser to a malicious URL and implements a specific exploit.’

‘The Armorblox research team was able to observe this attack on multiple customer tenants across Office 365 and Google Workspace. The potential total attack exposure was close to 28K mailboxes.’

Targeting WhatsApp users and zeroing in on voice messages make sense given the staggering amount of users the service has.

What is phishing, and why is it called phishing?

A Royal Mail scam has been making the rounds.

Phishing is the term applied to kind of electronic communications scam that aims to obtain private information, or to spread harmful malware, via the recipient.

The phenomenon takes its name from fishing due to the parallels in unaware targets being reeled in by bait.

The term was coined around 1996, according to Computer World, as internet scammers began using e-mail lures, setting out hooks to fish for passwords and financial data from the sea of Internet users.

Hackers commonly replace the letter f with ph, a nod to the original form of hacking known as phone phreaking.

Every day on WhatsApp, over 7 billion voice notes are sent back and forth as voice messages provide a quick alternative to a phone call.

Voice messages are especially preferred by older family members who want to avoid typing or even communicating in another language.

Obviously, if you see this email (or one that looks like it) land in your inbox, don’t click the link.

AI Disclaimer: An advanced artificial intelligence (AI) system generated the content of this page on its own. This innovative technology conducts extensive research from a variety of reliable sources, performs rigorous fact-checking and verification, cleans up and balances biased or manipulated content, and presents a minimal factual summary that is just enough yet essential for you to function as an informed and educated citizen. Please keep in mind, however, that this system is an evolving technology, and as a result, the article may contain accidental inaccuracies or errors. We urge you to help us improve our site by reporting any inaccuracies you find using the "Contact Us" link at the bottom of this page. Your helpful feedback helps us improve our system and deliver more precise content. When you find an article of interest here, please look for the full and extensive coverage of this topic in traditional news sources, as they are written by professional journalists that we try to support, not replace. We appreciate your understanding and assistance.