Beware of two new telephone scams that use WhatsApp and social engineering, ranging from the fake phone call of a woman named “Flora” who uses the excuse of a disturbed line to establish a relationship of trust, up to sending an alarmist sms on an alleged “untreated” account to steal the victim’s data. By exploiting a set of psychological strategies, the scammers manipulate and generate anxiety in people by inducing them to perform actions that they normally do not do, how to share private data, send money or click inappropriate links. Although it is not clear how many victims really suffered damage from “flora”, the dynamics of this scam deserves attention because it takes up already consolidated patterns, such as those of the so -called romance scam, the sentimental scams orchestrated to exploit trust, sense of solitude and economic availability of potential victims. Instead, the “scam of the not verified WhatsApp account”, which in the past few hours has been made known by the State Police on its official Facebook page, has the aim of generating fear in potential victims that could open the link contained in fraudulent SMS and thus providing their personal data to computer criminals.
The new flora scam with artificial intelligence
The script of the self -styled flora is conceptually very simple: after an initial phone call (probably perpetrated with a synthetic voice made with AI) made with the clear purpose of intriguing his victim, the scammer invites to move the conversation to WhatsApp to make up for phantom “scheduled problems”. Once the attention of its interlocutor is obtained, the criminal introduces visual elements of a certain impact – provocative images and photos, presumably made with the help of artificial intelligence – thus trying to strengthen the credibility of his profile. When the user is now “cooked” in dot, Flora could induce him to enter the highlight of the scam, pushing him for example to send money, share sensitive data, and so on.
Over the years, criminals have exploited other similar variants: false bank officials who warn blocked accounts, fake family who ask for urgent top -ups or other requests for economic help, alleged investors who convince to deposit money on fraudulent platforms. In all cases the lever is always the same: to make believe that a rapid and solidarity gesture can solve an emergency. This psychological effect is amplified by techniques such as the Caller ID Spoofing, i.e. the manipulation of the number that appears on the phone display: scammers can make apparently reliable contact appear, such as that of the bank or an acquaintance.
To defend yourself from Flora’s scam on WhatsApp and, more generally, from other online fraud similar to this, you must first keep your nerves and do not let yourself be enchanted by attractive proposals of any nature may be: sentimental, economic, etc. In case of suspicious calls, we suggest you immediately stop communication. If those who contact you via WhatsApp messages (or other channels again) asks you personal information, do not provide them for any reason. To enter the merits more, this means not clicking on any link received, not recalling the numbers that contacted you and, however discounted as advice, do not share confidential information (passwords, access codes, documents of documents, bank details and the like). If you were also contacted by a certain flora (or by any other suspicious subject), block the number and report the incident to the postal police.
The SMS for the account verified on WhatsApp
The scam consists substantially in an attempt to phishing, or to be more precise of riflestee since it is perpetrated via SMS and not by e-mail). With this mode, the scammers send a fraudulent SMS to a potential victim by inducing it to voluntarily provide sensitive data – such as password, verification codes or credit card numbers – through communications that imitate the official ones of a service. In the specific case that we are facing in this article, the message sent by the scammers emphasizes that the user’s account is “not verified”. To remedy the problem, the message invites you to click on a link. If the user agrees, he finds himself in the presence of an online form to be completed to proceed with the verification. Or at least this is what the scammers would like to believe. The reality of things is very different: by providing the answers to the questions in the form, the unaware victim will be an accomplice of his own executioners, delivering precious personal data, with which he will be able to perpetrate a real identity theft (or other computer fraud again).
A detail that can help you recognize the fraud is to analyze the message. In doing so, keep in mind that WhatsApp (and, more generally, any serious company) does not send communications of this type via SMS. All important communications take place through the verified account of WhatsApp (marked by the app icon and a blue check placed in correspondence with the latter). In addition, the messaging app never requires sending personal information to its users. The latter is a typical practice of IT criminals who try to perpetrate phishing.
Observing the screenshot spread by the police (re -proposed below), further signals of the scam emerge, such as grammatical errors, the absence of accents and imprecise punctuation: details that, of course, never appear in the official communications of the companies.
To be able to defend themselves from the scam of the not verified WhatsApp account, it is important to first of all that you pay attention to the signals that we talked about in the previous lines. If you don’t recognize the fraudulent origin of a communication, you can hardly defend yourself. Secondly, to defend you from such scam messages, simply ignore them and not click the links they contain. And if unfortunately you have already fallen victim to this umpteenth scam, promptly reported the incident to the postal police.
