There was a time when people wanted to connect on Facebook, Gtalk and Yahoo messenger, however today you will find people asking each other whether they are on WhatsApp or WeChat or Hike or Telegram or any such platforms!
We being in the digital era, most of us have adopted to new ways of communication using mobile messaging apps. Due to this, social media platforms have taken a slight backseat when it comes to instant messaging. As almost every user has a Smartphone, they prefer communication over their mobiles rather than on the web. This is also a reason that many social media platforms such as Facebook now facilitate with messenger apps as well.
Messaging apps allows instant text messaging, voice messaging, content sharing all over the Internet, using a mobile phone. They have become popular amongst the users because these apps are cost efficient as compared to sending SMSs and they facilitate sending and receiving of messages and calls by using only an active Internet connection. Viber, WhatsApp, WeChat and LINE are few examples of these apps.
The question still remains, as messaging apps are gaining popularity amongst users, will it not give rise to security issues?
Now that users are slowly shifting from web to mobile, scammers are also gradually shifting their interest from social media platforms to mobile messaging apps. These apps are compatible with popular mobile operating systems that are used by most of the users today to send and receive messages, share videos and photographs. Due to the increasing popularity of these messaging apps, scammers are aiming to target it and planning to affect millions of users in various ways.
According to Malcovery Security’s Brendan Griffin, WhatsApp was being used as a malware since at least September 19, 2013. Fake voice mail attachment was sent through e-mails that claimed to come from the WhatsApp messaging service to many users. The e-mails contained a ‘Play’ button that directed the user to a malicious website where a malicious app in the form of voice message was offered for download. Lately, scammers had even exploited the popularity of WhatsApp by sending fake emails masquerading as “Whatsapp Voice Notification” to distribute a malware known as UPATRE on to the desktops/laptops. UPATRE is a tiny malware file with a little malicious behavior that was sent repetitively on user’s mobile. This malware was attached as a .zip file which when executed will cause Zeus Trojan to be downloaded in the desktop/laptop of the user as a secondary malware.
Moreover, scammers are using other malicious apps to explore vulnerabilities in apps for their criminal tasks. Reportedly, a malicious balloon gaming app, BalloonPop2 was offered for mobile download, which was initially offered in Google Play, but was closed recently due to security reasons. The users could actually use this gaming app to play the game after downloading it. However, once downloaded, it would start gaining access to the user’s WhatsApp account. Scammer can then copy the WhatApp conversation and upload it on the developer’s WhatsApp Copy website.
Moreover, as WhatsApp has become a bigger name after the Facebook deal for WhatsApp, other similar apps may become a threat to security as well. That is, if users come across security issues, they may want to look for alternate messaging apps. In spite of the rumors and constant efforts of the scammers to target this popular messaging app, the company maintains that “WhatsApp communication between your phone and our server is fully encrypted.”
Security consultant Bas Bosschert wrote that malicious Android apps are the reason why scammers can view and steal personal WhatsApp chats. He explained that vulnerability occurred when Android users turned on their WhatsApp backup feature to save their private messages to a memory card.
The data on a micro SD card is not exposed to scammers under normal conditions but it comes under danger when users accidently download malicious apps in their phones. As per the company, these issues are bound to arise if the phone is infected with malicious apps. However, later WhatsApp released a new version of the Android app that is supposed to fix this flaw.
On the other hand, messaging apps are also starting to offer various services to lure customers such as mobile payment. Lately, WeChat messaging app, for instance, introduced a new feature that would allow users to hire and pay taxi cabs through its own online payment system. However, this online payment system will require the user to link his messaging account with the banking account. This will again give a bright change for scammers to steal user’s identity and money.
According to experts, scammers in future may steal more than just private conversations. Hence, it is advised to;
- Apply all software updates and effective antivirus software for your mobile.
- Download trusted software from legitimate companies.
- Do not download any app before properly reading all the terms and conditions as well as user reviews.
- Avoid sharing personal information on messaging apps such as address, account details or photographs, even if security is supposedly assured.
- Avoid using public Wi-Fi on their mobile device. As it is another great way for scammers to get unauthorized access to users mobile.
