Heads-up. There is a new social engineering attack currently being tested in Europe, and that means we will see it in America in the near future.
The bad guys are using malicious WhatsApp ads, which offer a $250 coupon for a well known retailer, in exchange for a short survey. The invite looks like it comes from a friend on WhatsApp. A similar strain installs a malware on the phone, which looks like a software update, but steals all the contacts, phone numbers and email addresses - and if they can find any, passwords and banking credentials.
There are different ways to monetize all this phishing data, and it looks like the bad guys have got that down too, from selling the stolen credentials to using the malware to go viral to all the contacts on the phone.
The large retailers have reported hundreds of these attacks to Europe's federal Cyber Crime Unit.
Warn your users to not click on dodgy WhatsApp special coupon offers.