Jump to content
Login new information ×
Login new information

Fake WhatsApp.com uses "шһатѕарр.com" to draw users to install adware

Batu69

By Batu69
in Security & Privacy News

Recommended Posts

Batu69

Batu69

Posted
Posted

Fake website : http://шһатѕарр.com/?colors

Actual site it redirects to : http://blackwhats.site/

Archive.is link : http://archive.is/9gK5Y

 

Screenshots when you visit the website in smartphone : http://imgur.com/a/UsKue

User gets the message saying whatsapp is now available with different colors " I love the new colors for whatsapp http://шһатѕарр.com/?colors "

 

When you click the fake whatsapp.com url in mobile, the user is made to share the link to multiple groups for human verification.

once your done sharing you are made to install adware apps, after you have installed the adware the website says the whatsapp color is available only in whatsapp web and makes you install an extention.

 

Fake whatsapp extention : https://chrome.google.com/webstore/detail/blackwhats/apkecfhccjhdmicfliebkdekbkoioiaj

these fake sites and spam messages are always circulating in whatsapp.

 

Source

Fake WhatsApp.com URL gets users to install adware

Next time someone links you to whatsapp.com, make sure you take a second look. There’s some adware currently circulating around the web by tricking users to visit a ‘шһатѕарр.com’ domain instead. Yes, those are different URLs – the fake URL uses characters from the Cyrillic alphabet.

 

As spotted by redditor u/yuexist, the site promises to let you install WhatsApp in different colors – I mean, everyone likes color options, right? If you visit the link, you’re asked to share the site with your friends for ‘verification.’ Your friends then receive a message saying “I love the new colors for whatsapp’ along with the fake URL.

 

Once you’ve ‘verified’ yourself, you’re then told that WhatsApp’s colors can only be accessed on a desktop, and are asked to install an extension from the real Chrome Web Store called BlackWhats (still, click at your own risk).

 

All this should send about 27,531 red flags to anyone remotely tech savvy, but there are plenty of WhatsApp users who don’t spend their time on tech blogs and might fall for it – the fake URL is certainly convincing enough at first glance. The extension itself has over 16,000 users and a 4 star rating from 55 ratings, though there are only 3 text reviews – it’s hard to tell if these ratings are somehow fake.

 

We’ve reached out to Google to alert them about the adware. And as always, make sure to double check URLs on any unexpected links you may receive.

 

Update: Google has removed this extension from the Chrome Web Store. Good riddance.

 

Article source

Link to comment
Share on other sites
  • Replies 3
  • Views 537
  • Created
  • Last Reply
PriSim

PriSim

Posted
Posted

wow !

 

what kind of domain font it is ?

 

seriously wow !

Link to comment
Share on other sites
  • Administrator
DKT27

DKT27

Posted
  • Administrator
Posted
On 15/5/2017 at 8:15 PM, PriSim said:

wow !

 

what kind of domain font it is ?

 

seriously wow !

 

Some time ago the web consortium started allowing non-English and special characters in domain names, since then these type have started coming up. While the idea is good, this issue was going to happen I think.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...