Phishing remains one of the easiest points on entry for malware. In this latest case, a Reddit user has raised the alarm about a fraudulent website called http://шһатѕарр.com/ – note the suspicious characters – that tries to trick WhatsAppers into installing some supposed themes for the chat app, but actually all it does is install scam apps and spams your contacts.
Though the the site itself won’t infect your device if you open it from a desktop computer, it can do damage from any Android browser, redirecting you to http://blackwhats.site/. As soon as you open the page you’ll get a popup window asking you to share that URL with your contacts to get access to the themes – whereupon it slips in an APK jammed with adware and warns you that the theme can only be installed from the web version of WhatsApp in a fake extension that somehow is still available in the Chrome Store.
This is one of the latest scams making the rounds on the IM app, as we recapped last week in a blog post. They usually appear in the form of a normal-looking link sent by one of your contacts. In the current case there’s also the fact that the URL preview could pass for a legitimate link. This makes it all the more important to highlight again: always be on guard when you get unsolicited links.
More info | Reddit thread