New threat looms over WhatsApp users: CERT-In issues alert; do not open such files even by mistake—your system could get hacked..
CERT-In WhatsApp Warning: If you use WhatsApp Web or WhatsApp Desktop on your computer, you need to exercise extra caution. The Indian Computer Emergency Response Team (CERT-In) has issued a new cybersecurity alert. According to the agency, cybercriminals are attempting to install dangerous malware on Windows computers by sending fake business documents via WhatsApp. Alarmingly, these files often appear to originate from the WhatsApp accounts of people the user knows.
What is this scam, and how does it work?
According to CERT-In, cybercriminals first attempt to hack a legitimate WhatsApp account. Once successful, they use that compromised account to send fake documents to the owner's contacts.
When the recipient receives a message from a saved contact or someone they know, they often do not suspect anything and open the file. By doing so, the scammers succeed in their scheme.
Which users are most at risk?
Users of WhatsApp Web and WhatsApp Desktop face a higher risk, as scammers are specifically targeting Windows users. Therefore, always cross-check any suspicious file before opening it, even if it appears to come from a known contact.
What kind of files are involved?
According to the government report, cybercriminals are launching attacks using Visual Basic Script (.vbs) files. To make the files appear authentic, they label them with names like "invoice," "payment record," "bank statement," or "account details." Some files are even disguised as Microsoft Windows updates to avoid raising suspicion.
What happens when the file is opened?
If a user inadvertently opens such a .vbs file, a script activates on their Windows computer. This can lead to the download of additional malware onto the system. Hackers could gain remote access to the computer, steal passwords and personal data, install other malicious software, and potentially compromise the entire network.
What advice has CERT-In issued?
The cyber agency has advised users to take certain essential precautions. If you use WhatsApp on a laptop or desktop, keep these points in mind:
Do not open any suspicious files received on WhatsApp.
Completely avoid files with the .vbs extension.
Even if a file is sent by someone you know, verify it first via a phone call or another communication channel.
Always keep your Windows operating system and antivirus software updated.
Steer clear of suspicious links and unknown attachments.
Disclaimer: This content has been sourced and edited from Amar Ujala. While we have made modifications for clarity and presentation, the original content belongs to its respective authors and website. We do not claim ownership of the content.

