Security News > 2022 > April > WhatsApp voice message phishing emails push info-stealing malware
A new WhatsApp phishing campaign impersonating WhatsApp's voice message feature has been discovered, attempting to spread information-stealing malware to at least 27,655 email addresses.
Information-stealing malware is aggressively distributed today via various means, with phishing remaining a primary channel for threat actors.
The new WhatsApp voice message phishing campaign was discovered by researchers at Armoblox, who are constantly on the lookout for new phishing threats.
A timely phishing attack pretends to be a notification from WhatsApp stating that they received a new private message.
Secondly, voice messages received on WhatsApp are downloaded automatically in the client app, so the IM company would never inform you about receiving one via email.
Thirdly, the phishing email features no WhatsApp logo, which is almost certainly to avoid having trouble with the VMC checks introduced by Gmail last year.
News URL
Related news
- Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails (source)
- New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records (source)
- Only 1% of malicious emails that reach inboxes deliver malware (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
- PoisonSeed phishing campaign behind emails with wallet seed phrases (source)
- CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks (source)
- WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401) (source)
- Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft (source)
- Midnight Blizzard deploys new GrapeLoader malware in embassy phishing (source)
- Phishing emails delivering infostealers surge 84% (source)