Ghana – online ad hoax aftermath causes panic. What you must know.

I woke up to find a WhatsApp text on my phone telling me how to get 50GHS of free credit. I did not mind but it became very irritating during the day, where I saw it on almost all WhatsApp group I belong to.

So I though of checking it out to see what is in this free credit message. As a programmer, I was very vigilant, so first wanted to see how the whole thing works. I checked the source code, and on checking nothing really serious of a code but an advertising scheme JavaScript for pay per click. In simple terms its a pay per click system so when a visitor on the site clicks on any button on the site they get paid.

So imagine the number of click per the traffic they have generated today well, they have made enough coins. Going forward the website also had a survey also with it own JavaScript after choosing your network option. That is where I started to get curious, because every survey will have a server somewhere to collect and keep these data that participants have entered. Therefore, any input by a visitor will be received and stored by the server. Thankfully, they did not require much of information just a phone number and other few data. Then, on completing the survey you will be asked to share on WhatsApp with some conditions attached. That was how the thing works, but something prompt everybody attention when moments later, there was a circulating WhatsApp text about how the people behind it have used this to get pervious data from Ghanaian including supposed nude pictures. So we at PC Boss online decided to do a detail analysis to the issue help victims of this scam understand what has really happened and if they have been affected in any way and how they can save the situation if any.

Well! Starting off, I did couple inquiries from some of my friends who are developers and programmers so we can get concrete information per all this scam messages. My friends at Programmers Hub – a WhatsApp tech group were really helpful in this write up.

First of all, the whole thing was an advertising survey scheme from these affiliate advertising agency online so the subscriber was smart enough to use this means to get what he wanted. These scheme are created such that if you fall a victim you will not be left of the system till a certain period time so they always add a survey to it where in someway or the other they will get your email or phone number so they will continuously send you the ads to get their money through you. So, that means if you were a victim it is possible you will be receiving adverts in so many ways – text messages, WhatsApp and other format. As to them having your mobile money pin as the follow up text said, chances of it been true is 0.5% – 1% because the code i saw don’t have that power to go that extend. Yet, there is always a possibility, they can add a key logger script into the code that was in sharing on WhatsApp of which I did not check so cant say much about. These key logger script keeps and store frequently entered/pressed keys on a particular device and can be sent from the user device to the developer anytime the device owner connect to the internet. So if that was there then its possible, but the thing is they just cant get the pin and password just instantly like that because it has to keep compiling some possible key strokes first. Then lets move to nude picture side. Well! thank God WhatsApp is an end-to-end encrypted messaging app so there is no possible way of getting access to a person message as it being transferred but the bad side is every message is stored on your phone so anybody can get to your messages and content of it on your phone. Yet, as i said earlier its encrypted so it will take a serious hacker to decrypt it. This scam made people to send link to people on WhatsApp, as I have said earlier i did not check the code to the share button so I cant make it concrete it contain anything harmful but lets examine it to see the possible way it may affect you and the nude pictures issue. Android and iPhone which i know most people used to share the messages, are Linux based OS – operating system so they cant not be affected by virus but malwares. Malware can take any form to do any damage which are more harmful than virus. They can be made into any form to execute the intention of the developer. So possibility of the share button having a malware – since I didn’t check so it will be 1. If there was can it get to your gallery – yes, malware can take any form so it can go to anywhere on your phone – from SD card to internal memory, app, etc. Every malware and the intention behind it so depending on the intent of the creator of this scam, maybe he/she wanted pictures so he/she can get it. On the other hand, these code can not do instant sorting of the data so as to what kind of picture it may get nobody can tell. What these malware code can do is send link of the path i.e location of the picture to their database and then the hacker can phish the pictures by him/herself. I think the creator of this scam not be search for pictures, the intention of this attack if i can say, is advertising so he/she can get some coins. The possible malware that victim will suffer from will be adware. They are frequent pop up of unwanted adverts everywhere on the phone in apps and even on the home screen. There are normal adverts within some app but this will be extensive and very annoying.

How you can save yourself in that situation incase you are affected in any way. Be ready to unsubscribe yourself from any ad scheme in a form of text that  you will be receiving. Get a very good antivirus and antimalware and scan your phone to see if you are affected and deleted any app you did not install yourself, which also is not a default app. For android users if you have rooted your phone i will recommend Kingroot – very efficient to deal with malwares if you activate all of it component. It is for rooting too. IPhone users should check Apple Store to get the best antimalware.

On the fun side, the follow up message don’t have any truth in it, the scam in my capacity as a programmer came from outside Ghana. I think someone made that text up to prevent people from further sending the link. Be careful on the next button you click to get free stuff. Have a nice one, PC Boss Online.