Beware of New Phishing Scam: Fake Crypto Wallet with Large Balance in WhatsApp Message

Since the first days of April 2023, a message circulates, supposedly wrong, by Whatsapp that tries to capture the attention of potential victims by indicating a link. This refers to an individual by his first name, informing: “this is your new account”, then username, password and BALANCE in USDT – Tether, a stable coin whose price is equivalent to u$s 1. It is a supposed exchange that seeks to obtain data from digital wallets to later appropriate the funds.

In the WhatsApp message it appears to include the access credentials to a crypto wallet with a large balance, in this case of more than 2,500,000 with the indication by the sender of “keep it safe”.

Those who, seduced by the opportunity offered by chance or mistake when sending the message on WhatsApp, decide to enter the link and use the credentials, will access a fully functional wallet with a very realistic environment, showing transactions and opportunities to transfer/move amounts. .

Then, those who choose to access, will have the possibility of making a transfer to their own wallet, they will end up giving their access credentials to the criminals who will later take control of it and the funds.

The site is hosted in Washington/USA and its URL includes the padlock which implies that the URL includes the security protocol, which does not imply that this is really the case. In addition, the HTTPS protocol, in theory contributes with the “S” that the communication is secure but the field experience in the latest surveys and cases analyzed by us indicates that the page will NOT NECESSARILY be REAL. In fact, this site is FAKE. This modality of PHISHING is clearly aimed at users of mobile platforms, it has been around for a long time, it is periodically relaunched with improvements and deception was seen circulating with different exchange names.

Recommendations:

• Be skeptical. Do not respond directly to suspicious emails or WhatsApp messages.
• Change passwords regularly and activate second factor authentication.
• Avoid offers and transactions by mail and WhatsApp because they can lead to fraudulent sites.
• Do not be fooled, the “promos” and false gifts by email, whatsapp or RRSS.
• Beware of advertising banners that appear when browsing
• Distrust when directed outside the platforms.
• Do not open unsolicited email attachments or click on links you do not expect to receive.
• Use an antivirus and update it.
• Update devices whenever you can.
• Use unique passwords for each site.
• Do not download APPs from stores with a poor reputation.

Finally, never provide personal data, especially passwords or passwords. No bank or official body should require them.