Computer security team warns Filipinos of malicious e-greetings on messengers

December 30, 2019 - 2:25 PM
8600
Facebook website
Log-in page of Facebook.com, the world's biggest social networking website. (Unsplash/Kon Karampelas)

A non-profit computer security team warned Filipinos to be wary of seasonal greetings sent to them through popular messengers as it may redirect them to suspicious links that will prompt them to input sensitive data.

Cyber Security Philippines-CERT shared through its Facebook page that opening greeting notifications via messengers might lead scammers to gain access to their banking and social media accounts.

“Before opening one, confirm first with your friend, family, and relatives if they indeed sent one,” part of the team’s Facebook caption said.

It warned that greetings with links can redirect them to various websites that may also contain “a variety of greetings” and then prompt them to “input their data while a malicious file runs.” Such websites include:

  • wish-you.co
  • wish4u.co
  • my-msg.co
  • look-me.co
  • surprise4u.me
  • hookupgist.co
  • see-magic.co
  • mera-style.co
  • whatsapp-style.co
  • my-love.co

“Malicious script then conducts service execution and credential access, then sends similar message to the victims’ user contacts,” Cyber Security Philippines—CERT continued.

The team said that people should immediately change their passwords on their online accounts if they happen to click the link.

“Change the passwords for your banking and social media accounts ASAP (on a different system). Reset your browsers. Update your anti-malware and scan,” it said.

It even included a picture of what a sample malicious greeting looks like.

Many Filipinos in the comments section already claimed to have received such greetings.

A particular Facebook user said that she just “wrote her name and sent it” but the team responded that “the page is loaded with malicious script” and that she should proceed with the recommended actions they have presented.

Another user shared a screenshot of a similar greeting he received that redirected him to a website called my-love.co. He added that he has already changed his password after opening the link.

Fake greeting
A Facebook user shares a screenshot of a fake seasonal greeting from a malicious website. (Sceenshot by Interaksyon)

People would usually send electronic greetings on emails and other messaging apps on holidays and special occasions to give their well-wishes, but scammers can use this to infiltrate personal accounts, particularly those related to banks and credit cards.

Hallmark, one of the largest greeting card manufacturers, has warned the public before to be wary of fake seasonal e-cards that could potentially redirect them to malicious links.

“Remember, you should never have to enter your username, password or any other personal information to retrieve a card,” a 2018 article about it said.

“E-cards in general don’t come with attachments. So if one does, delete it immediately. You may want to take the additional step of emptying your trash or recycle bin to really remove it from your computer or phone,” it added.

E-cards with links can contain keyloggers, a malicious program that can track the keystroke on a device, including usernames and passwords to different accounts.