sb-nz logo
Story image

Beware! New WhatsApp scam offering “free internet without Wi-Fi”

16 Jan 2017

It seems that the number of scams spreading through the messaging app WhatsApp keeps on increasing, with deceptive campaigns coming up with with novel ways of luring in victims. Today we will show you a new example of this.

This particular WhatsApp scam promises users a free internet service, without needing to use Wi-Fi. Despite being complete nonsense from a technical point of view, the offer may nevertheless appear tempting to those unaware of the realities. And it’s also selling something pretty amazing …

Imagine being able to navigate with your smartphone wherever you are, without mobile data from your carrier or a Wi-Fi network. Who wouldn’t like that while on holiday abroad? It’s like magic … because it’s not real. Clicking on this scam won’t change that.

The decoy

As usual, the message spreads via WhatsApp groups or comes from a friend who “recommends” the service – often unaware of it. In this case, you receive a special invitation with a link:

Once you click on the link, the page will detect the device’s language and show the following images, with the intention of making the scheme credible and leading the victim to share the content with at least 13 people. Thus, the scam keeps spreading:

On the bottom of the screenshot you can see some comments from people who supposedly tried the service, stating that it works. This is a ruse. Clearly these messages and the profiles associated with them are fake – they aren’t on Facebook at all, so this is all part of the fraud.

As you can see in the image below, the scam can also be seen in Spanish (you will be automatically redirected to their default language depending on their browser settings). All of this goes on without you even noticing:

This behaviour is widely used nowadays, mostly because it allows cybercriminals to create different scams using the same pattern, in order to make them credible for users in multiple countries. This way, they don’t depend on a single country or language and they can target different nationalities all at once.

What happens after you share?

Having overcome the barrier of sharing, unwary users looking for free internet end up on sites where different actions may occur, ranging from subscription to premium and costly SMS services, to installation of third party apps, always with the goal of granting an economic return to the scammer.

Unfortunately, victims will only see offers, but no trace of free internet.

Tips to avoid falling in these campaigns

We have to keep in mind that education and security solutions are still the main tools users need to be safe online. Awareness about these scams should become viral faster than the scams themselves; however, we keep seeing an alarming rate of propagation.

If you know a victim, you can help by alerting their contacts to avoid hitting sour note. In case you want to report the fraud, you can flag it in your browser as is usually done in phishing campaigns.

Article by Lucas Paus, Welivesecurity.

Story image
Fortinet: Hyperscaling networks? Hyperscale your security!
Jon McGettigan, Fortinet A/NZ Regional Director, explains why a broad, integrated and automated security fabric is the most effective strategy to protect users, apps and data in a hyperscaling environment.More
Story image
Need for greater understanding of data security responsibility as cloud adoption grows - report
Despite the accelerated adoption of cloud services, there was a lack of clarity and confidence regarding the protection and recovery of data stored in public clouds.More
Link image
Webinar: Securing privileged access to stop attackers in their tracks
Thycotic's immersive webinar will demonstrate how attackers acquire passwords on endpoints and access critical cloud applications — without being detected.More
Story image
Over a third of New Zealanders fell victim to cybercrime in the last year
"As we connected to the internet for everything from work and school to entertainment, social connection and even groceries, cybercriminals took advantage and launched coordinated attacks and convincing scams."More
Story image
97% of organisations experienced a mobile threat in 2020 — report
93% of these attacks originated in a device network, which includes attempts to trick users into installing a malicious payload via infected websites or URLs, or to steal users’ credentials.More
Story image
ThreatQuotient hits $22.5m in new financing, continues growth streak
“Since we first invested in ThreatQuotient in 2017, their team has continued to prove to the market that there is a critical need for cybersecurity solutions aimed at security operations."More