WhatsApp is cheap and easy to use, making it popular among South African and global smartphone users.
In January 2015, WhatsApp CEO Jan Koum announced the messaging platform had more than 700 million monthly active users around the world.
In South Africa, the World Wide Worx and Fuseware SA Social Media Landscape 2015 report pegged the country’s WhatsApp user base at 11.8 million.
It popularity was reinforced in the 2015 Student Tech Survey, which revealed that 92% of students used WhatsApp for their messaging needs.
Unfortunately for South African users, fraudsters and scammers try to take advantage of the platform’s popularity – looking to make a quick buck off unsuspecting victims.
Watch out for these WhatsApp tricks
Local WhatsApp users must watch out for the methods detailed below, used by those looking to make a quick buck off of victims or to infect devices with malware.
WhatsApp upgrade SMS
This SMS campaign can cost unsuspecting WhatsApp users R210 per month, and involves users clicking on a link that initiates a daily monetary deduction.
An SMS that reads: “You have not updated to the latest WhatsApp add-ons. Click here now [URL]. (Free MSG) 31655 optout dial 0110621424”, is sent to smartphone users.
Clicking on the link in the SMS takes users to a screen which asks them to “Update your wall 4 WhatsApp”.
The fine print below a green “Continue” button shows the message is for a subscription to a social network called Buddiechat, which costs R7 per day.
WhatsApp Wangiri fraud is where local WhatsApp users are urged to call an international numbers, incurring significant costs when they do.
Wangiri is a type of phone fraud where the perpetrator dials random numbers and then hangs up after one ring. Users then call back believing it was a legitimate call, and are charged premium rates.
The WhatsApp-based version of Wangiri fraud sees local users receive a WhatsApp message with a contact attachment.
However, the number in the contact is different to the number the message originated from. Calling this number back could cost you a lot of money.
WhatsApp pop-up update
Pop-up windows posing as “WhatsApp updates” can infect a device with malware if clicked on, and users are advised to only update the messaging app through the application’s settings menu.
The pop-up asks users to “download an update” or “install a new version” of WhatsApp while they are browsing the Internet – but the pop-ups are not linked to WhatsApp in any way and are created by malware pushers.
WhatsApp subscription “competition”
A WhatsApp “competition” is doing the rounds, where users receive a message which links to a “Facebook page”.
Navigating to this page lets you spin a prize wheel, which results in users “winning” a Samsung Galaxy S6. This takes you to a new page, where to claim your prize you have to “share” your result 10 times.
Clicking the “continue” link after sharing your result takes you to a new page where you are told your prize has been reserved.
To claim the reserved Galaxy S6, you have to enter your cellphone number and click “Yes, I want”, with regards to the prize.
This then takes you to a new screen which informs you an SMS will be sent to your phone – you are instructed to reply “yes” to this SMS.
The terms and conditions of replying “yes” to the SMS – you are now subscribed to a R7-a-day service.
WhatsApp voice calling invitation
When WhatsApp voice calling hit the market, distributors of malware jumped at the opportunity to attack early adopters.
One attack involves a message being sent from someone who appears to be a legitimate friend, which states: “Hey, I’m inviting you to try WhatsApp Free Voice Calling feature, click here to activate now.”
The link takes users to a website, where they are asked to take a survey. To take the survey, users are asked to download applications and software, which contain malware.
Panda Security has also warned of a fake invitation claiming to be from WhatsApp, inviting users to activate WhatsApp calling. Clicking on the invitation may lead to malware being downloaded onto a user’s device.