Controls prevent phone fraudsters spoofing HMRC
The tax authority has put an end to fraudster’s mimicking its most recognisable helpline numbers to dupe taxpayers and steal money.
A vulnerability in the messaging app allowed it to be infected with spyware with a missed in-app call function.
Cyber attackers were able to install spyware on WhatsApp through its voice call function, even if the user didn't pick up the call. Often, the call would disappear from the device’s call log, so no visible trace was left.
Dozens of WhatsApp users including human rights organisations and a UK based lawyer may have been targeted in the attack which exploited a major vulnerability in the app in an attempt to take over the operating system.
The breach was discovered in early May and has since been fixed. Users are urged to update their app to the latest version.
But Citizen Lab at the University of Toronto has said an attacker attempted to exploit the app, and was blocked, as recently as Sunday evening.
The Financial Times reported the spyware was developed by NSO Group, an Israeli cybersecurity and intelligence company.
Although the group has not been confirmed, WhatsApp said it did not refute any coverage related.
Facebook is urging WhatsApp users to upgrade to the latest version of its messaging service
Android: Go to Play Store, then tap Menu > My apps & games. Tap UPDATE next to WhatsApp Messenger
iPhone: Go to App Store, then tap Updates. Tap UPDATE next to WhatsApp Messenger