Security researcher Rajshekhar Rajaharia took to Twitter the other day to warn of a new scam that was making the rounds – the awkward name of ‘WhatsApp Pink’. This Android app promises to be a fun new variation of the popular chat app that comes with an all pink user interface. And while the “pink app” part is true, the app is actually not an official version of WhatsApp, or even a clone. It is malware.
This scam isn’t exactly subtle, but it has proven to be effective enough to trick a significant number of people into believing that there really is an alternative colored WhatsApp app. And the sneaky .APK download link goes around group chats, all places, making it a bit more trustworthy. Your friends and / or coworkers wouldn’t lead you astray with malware, would they?
As always, a little common sense prevails in these situations. It is recommended that you never download and install an .APK someone sends you unless you are absolutely certain you know what it is. You can still go to your favorite search engine and find the file or app yourself, rather than using a provided link, which will likely tell you very quickly if the app or .APK itself is legitimate; at the very least, you’ll be able to make sure you grab the right app or .APK from an official website or repository.
It doesn’t matter if your parents, spouse, or dog send you an app (or a link to an app), don’t download it. You can totally trust them, but you can’t be sure they did their due diligence to determine what they are actually sending to you. Any steps you take to ensure your personal safety won’t matter if you trust someone who isn’t so thorough.
Sometimes just pausing to think critically can save you. In this case, WhatsApp really publish a separate app that is a color clone of their original app? Wouldn’t they just add this functionality to the app directly? Ask yourself if the app’s simple premise sounds suspicious before you even consider tapping a link to download it.
However, if you’ve already installed this one, there are a few things you can do to mitigate the potential damage:
One last tip, which should probably go without saying: look at this spelling mistake –Watsapp? You never want to download an app if the alleged company offering it can’t even spell its name correctly. Sometimes an application screams “malware” and you should listen.