Taking note of the malicious messages relating to invitations for activating Video calling feature on the popular messaging app, Ministry of Information technology and Telecommunications today issued a Web user advisory to inform the general public about the scam which could mean exposure of personal and call data of the users to malicious elements.
The method devised by scammers to invite the Whatsapp users for activating the feature through a spoofed website has been a topic of local and international media over the past few days.
By clicking the web link received through such invite the user is led to a legitimate looking process actually carried through a spoofed website carrying malicious code.
The process at the end asks the users to invite more friends which inevitably leads to further spread of the hack.
It is pertinent to mention that Whatsapp launched the Video calling feature recently and the feature can simply be activated by upgrading the App to its latest version and is in no way based on invites or referrals.
Once activated through the spoofed invite link only way to remove the vulnerability is to reset the application through settings or to install the application again after a complete uninstall process.
Screengrab of Fake Whatsapp Video Calling Messages
“Keeping in mind the popularity of Whatsapp with the messaging users, it is important that the Pakistani users are aware of this scam so that they can take immediate measures to limit exposure to its data protection consequences” said the Ministry of IT&T spokesman.
The said scam has also been widely reported by the global hacking forums. Although the gravity of this malicious activity and its exact consequences are yet to be fully known, web and data security experts advise the users strongly against falling prey to the invite and thereby unintentionally spreading it further.