Fake WhatsApp Voicemail Notifications Deliver Malware

Avira researchers recently came across a spam campaign using e-mails that claim to come from the WhatsApp messaging service and state, “You have a new voicemail,” “1 New Voicemail,” or “4 New Voicemails.”

The e-mails include a “Play” button which redirects the user to a URL where a file, purportedly the voice message, is offered for download.

If the user accepts the download, malware is delivered instead — Avira detects the file as TR/Kuluoz.A.27. Microsoft reports that the Kuluoz Trojan is designed to steal passwords and other confidential data from the victim’s computer.

“This social engineering technique has started to be used because the WhatsApp is getting more and more media attention due to their free business model (the iOS version is now also free for the first year),” Avira security expert Sorin Mustaca wrote in a blog post warning of the scam.

Jeff Goldman
Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Related articles