Don't Click That Fake WhatsApp Link
OK, here's the deal: We've been screwing up lately.
First there was the massive Google Docs hack that spread like wildfire thanks to people clicking shady links, and then a ransomware attack tore around the world for the same reason. Now, someone is trying to get WhatsApp users to install some grody software by getting them to click a fake link.
The trick was spotted by a Reddit user on Sunday night. The fake URL looks like the real WhatsApp website (www.whatsapp.com), but it's spelled with cyrillic letters. (It's not the first time hackers have tried this trick.) Once you click, you're redirected to another site that asks you to download a sketchy Chrome extension that looks like some nasty adware. The Chrome store entry for the extension now 404s, and a Google spokesperson confirmed to Motherboard in an email that Google removed the extension from the store.
Now that you know the score, this is where it all stops, alright? Do not click that link, for the love of all that is holy. Do. Not. Click. That. Link.
If you are nonetheless tempted, here are some ways that you can make sure you're not getting tricked, in this case or any other time. First, ensure that the URL you're visiting is spelled the same way as the real product or company. This was a dead giveaway for the fake WhatsApp URL. Also, many legitimate companies secure your web connection with HTTPS encryption, so check that it's in use when you visit a site you suspect of being illegitimate (in Chrome, it's a green "HTTPS" indicator before the URL).
Be safe out there.
Subscribe to Science Solved It , Motherboard's new show about the greatest mysteries that were solved by science.
Update: Google confirmed that the company removed the adware from the Chrome store. This article has been updated with that information.