The Public Security Police (PSP) issued a new alert about a fraud that has been spreading through WhatsApp, a social network used by thousands of Portuguese people. The message arrives from an unknown number and promises an application update, but the real objective is to steal users’ banking details and personal information.
According to authorities, the message appears with the text “You received a message, but your version of WhatsApp is not compatible”, accompanied by a link that suggests “update WhatsApp”.
At first glance, the warning appears legitimate, but upon clicking the link, the victim is redirected to a malicious page. On this page, criminals install programs that allow them to access the device, collect personal data and even carry out banking operations in the user’s name.
How fraud works
The scheme uses SVG (Scalable Vector Graphics) files, a format commonly used for vector images, but which, as it is code-based, can contain elements such as HTML or JavaScript.
This allows these attachments to appear to be simple images, when in fact they function as programs capable of carrying out dangerous actions.
Among the methods identified are SVG attachments disguised as Excel sheets with login forms. As soon as the user enters their credentials and submits the form, the data goes directly to cybercriminals.
There are also files that simulate download requests and, when opened, install malware, or even those that automatically redirect to phishing pages designed to steal sensitive information.
Advice to avoid the risk
To reduce the likelihood of falling victim to this type of fraud, PSP recommends keeping the operating system and applications always up to date, using antivirus with active protection against malware and avoiding banking operations on public Wi-Fi networks.
It is equally important to check whether the websites you visit use the secure “https” protocol and never click on links or attachments from unknown senders.
According to the same source, it is also advisable to activate two-factor authentication on all digital accounts and change the default password on the home router, replacing it with a stronger and more exclusive one.
It once again reinforces that, in case of doubt, users should immediately delete the message and report the incident to the competent authorities.
Also read:
