STOMP it anytime, anywhere.
Download the new STOMP app today.
Watch out for fake “WhatsApp Web” websites.
They are part of a new phishing scam that tricks you into authorising access to your WhatsApp account for scammers, warned the police.
What happens is when you want to access your WhatsApp accounts on your desktop, you might search for the official website for “WhatsApp Web” using online search engines.
Scam victims would click on the first few search results generated by the online search engines without verifying the URL addresses due to convenience.
But the URL addresses visited were not the official website for WhatsApp but were phishing websites embedded with the genuine QR code extracted from the official website of WhatsApp.
When the victims used the QR code scanning function in WhatsApp on their mobile devices to scan the QR code in the phishing websites, they would notice the websites would not respond as the websites would not bring them to WhatsApp Web’s interface on their desktops.
But scammers who had embedded the QR codes in the phishing websites would then be able to gain remote access to the victims’ WhatsApp accounts, performing unauthorised actions such as messaging the victims’ contacts asking for their personal details and i-banking credentials, or requesting for monies to be transferred to a designated bank account.
As the victims could still access their WhatsApp accounts while scammers concurrently use the victims’ accounts to conduct scam activities, the victims would only discover that their WhatsApp accounts were compromised when they were notified by their contacts of unusual requests such as asking for the transfer of monies or i-banking credentials.
You are advised to adopt the following precautionary measures: