Fraudsters hijack WhatsApp accounts using fake petitions: how to protect data - State Service of Communications and Information Protection

Fraudsters hijack WhatsApp accounts using fake petitions: how to protect data - State Service of Communications and Information Protection

Kyiv  •  UNN

 • 65521 views

Fraudsters hijack WhatsApp accounts by sending fake messages calling for votes to award the title of "Hero of Ukraine" to fallen defenders, which leads to a phishing site that steals access to the account.

Fraudsters are hijacking WhatsApp accounts using fake petitions to award "Hero of Ukraine" to fallen defenders. The State Special Communications Service warned about the new fraudulent scheme and gave recommendations on how to recognize fakes and avoid becoming a victim of fraud, UNN reports.

The government's computer emergency response team CERT-UA, which operates under the State Special Communications Service, warns of a new fraudulent scheme aimed at stealing WhatsApp accounts from Ukrainians.  Attackers send messages on WhatsApp calling for votes for an electronic petition to award the title of "Hero of Ukraine" posthumously to Ukrainian soldiers. The messages contain a link to a fake website that imitates the official website of the "Electronic Petitions".

- told about the scheme at the State Special Communications Service.

Details

CERT-UA employees have been tracking the described activity since April 2024 under the identifier UAC-0195. As of 20.04.2024, they have identified 18 domain names and sent appropriate requests to block them.

How fraudsters work:

  • The victim follows the link in the fake message.
  • The fake website offers to enter a phone number and receive a code.
  • The victim enters a code in WhatsApp to "add a trusted device.
  • The attackers gain access to the victim's WhatsApp account.

How to protect yourself:

  • Do not click on links in suspicious WhatsApp messages.
  • Check the domain name of the website before entering any data. The official page of "Electronic Petitions" is located at: https://petition.president.gov.ua/
  • Never enter a code received via SMS on third-party websites.
  • Be critical of any calls to follow a link or scan a QR code.
  • Configure two-factor authentication (https://cert.gov.ua/article/6278274).
  • Contact CERT-UA in case of suspicious activity: [email protected], mob.+38 (044) 281-88-25.

The Ministry of Defense is strengthening the protection of information systems from cyber attacksApr 21 2024, 11:37 AM • 55302 views