Unwanted messages on WhatsApp can now pose a significant financial risk. Cybercriminals are using fake files that resemble business documents to gain users' trust. Once these files are downloaded, viruses spread to the mobile device. To stay safe from this new cyber threat, experts advise avoiding opening files from suspicious or unknown numbers.

If you're using WhatsApp Desktop or WhatsApp Web, you need to be extra cautious. Cybersecurity company Kaspersky has uncovered a new malware campaign in which hackers are attempting to infect users' computers by sending fake business documents via WhatsApp.

According to the report, cybercriminals are using previously compromised WhatsApp accounts. This makes the message appear to come from a known or trusted contact rather than an unknown person, making it easier for people to trust it.

According to Kaspersky's Global Research and Analysis Team (GREAT), attackers are using file names that resemble genuine business documents. These include names like invoices, bank statements, account statements, and debt notices.

These files are in VBScript format. Once users open them, a script is activated on the system that downloads more viruses from the Internet and runs silently.

PC: Rajasthan Khabre

Kaspersky's investigation has found the impact of this virus campaign in several countries
. Malaysia has the highest number of infected users. Furthermore, similar attacks have been reported in Brazil, Singapore, Taiwan, Vietnam, and parts of Europe.

According to the report, the file names are being kept not only in English but also in Portuguese, French and German, so that maximum number of people can be targeted.

What happens when the file is opened?
When a user opens this file, it creates a new working folder in the Windows system and downloads other scripts from an external server and runs them using the Windows Script Host. The virus then attempts to give attackers remote access to the computer. This can be used to take control of the system, steal data, or cause other harm.

How to protect yourself?

Kaspersky recommends never opening any attachments on WhatsApp without checking them, even if they're from someone you know. In particular, only open scripts or executable files like .vbs, .vbe, .exe, .bat, .cmd, .js, and .ps1 if you're absolutely sure they're genuine.

Additionally, it's important to use reliable security software on both your computer and mobile phone. If you receive a suspicious file from someone you know, verify it through other methods before opening it.

Why is this attack dangerous?

The biggest challenge in the fight against this virus is that it uses compromised WhatsApp accounts. Therefore, the message appears to be from a trusted source, and users can open the file without permission. Therefore, a little caution can protect us from major cyberattacks and data theft.

PC: Maharashtratimes