Attention constituent: CIRT-BS is observing an uptick in “free money” scams on WhatsApp involving threat actors impersonating the “Ministry of Labour and [Public Service]” and offering mobile device “top-ups” to solicit personally identifiable information like internet protocol (IP) addresses and telephone numbers from members of the general public. In the attacks, actors are sending various WhatsApp messages with malicious URLs; one message advises recipients that they are entitled to a particular amount of money from the government based on their employment history, and another claims that they can win “top-ups” from a telecommunications provider of their choice. Once on the webpage, the user receives a prompt to enter their telephone contact information and “share” the scam with a particular number of contacts to claim the money. On the webpage, threat actors gather information on the user’s network and phone contact, which they can exploit in a future attack. The additional sharing of the scam is causing it to become widespread across The Bahamas. Manufactured comments on the webpage also cause the scam to appear more legitimate than it is. CIRT-BS wishes to advise the public that these attacks are fraudulent and that they should contact the impersonated organisations directly through their official means of contact to verify any unusual communications and promotions.
Best, |