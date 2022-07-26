Despite not being a new threat, malware is circulating on social networks that is capable of subscribing to services without users’ permission. According to Kaspersky, a company specializing in cybersecurity, this type of virus, which is very common in Brazil, has had a sudden increase in recent months. The reason would be the new tactic that criminals are using to make more victims: sending fake WhatsApp messages to steal data via phishing and then signing up for premium app services.

To attract the victim, scammers use messages of varied themes, always in an appealing tone – such as product offers, job opportunities and unexpected earnings, which induce the user to enter a malicious link. In it, you are asked to complete a registration with personal information, such as e-mail, CPF and bank details. In possession of the information, then, cybercriminals subscribe to services without actually having users’ permission.

1 of 1 See how to protect yourself from the virus that makes premium subscriptions with your personal data — Photo: Disclosure / Bully Hunters

According to experts at Kaspersky, the main problem with this scam is that, in general, victims are slow to realize that they have fallen for a scam because charges usually arrive one to three months later. In addition, inattentive users may find more risks in this scam, as it is possible for them to take more than one invoice to identify the improper charge.

According to the cybersecurity company, one of the main tactics used for this type of scam is the fake Christmas emergency allowance. As explained by Kaspersky, government-related topics are preferred because, as these platforms usually need to confirm data, “the request for personal information by criminals does not raise suspicion”. Furthermore, this guise in government services is also among the favorites because, in many cases, users will take time to make the connection between signing and sharing data on the malicious website.

“Imagine a person who made the registration waiting for the Christmas bonus and who realized the charge just three months after the alleged benefit request. of the service — which is the loss. This makes it difficult for people to recognize the trap and manage to avoid it”, pointed out the director of Kaspersky’s Global Research and Analysis Team for Latin America, Fabio Assolini.

How can I protect myself from the blow?

To protect themselves from the virus that subscribes to premium app services and other types of malware on Android or iPhone (iOS) phones, users should keep an antivirus on their devices and perform weekly scans to check for possible threats. Another tip is to insert two-factor authentication into all possible applications, which reduces the chances of criminals succeeding in applying the scam.

Also, it is important not to open attachments and links from unknown senders and to check in link checkers if the URL is really safe. A good example is the analyzer from PSafe, a cybersecurity company. To access it, just open the official website (“https://www.psafe.com/dfndr-lab/pt-br/”, without quotes), paste the link you want to analyze and press “Analyze”.

