WhatsApp scam messages give away fake £100 vouchers for Sainsbury’s and Topshop, steal people's data

It's safest just to assume that any message you receive is risky at best

Andrew Griffin
Wednesday 26 October 2016 17:31 BST
Comments
The Facebook and WhatsApp applications' icons are displayed on a smartphone on February 20, 2014 in Rome
The Facebook and WhatsApp applications' icons are displayed on a smartphone on February 20, 2014 in Rome (AFP/Getty)

Your support helps us to tell the story

This election is still a dead heat, according to most polls. In a fight with such wafer-thin margins, we need reporters on the ground talking to the people Trump and Harris are courting. Your support allows us to keep sending journalists to the story.

The Independent is trusted by 27 million Americans from across the entire political spectrum every month. Unlike many other quality news outlets, we choose not to lock you out of our reporting and analysis with paywalls. But quality journalism must still be paid for.

Help us keep bring these critical stories to light. Your support makes all the difference.

WhatsApp users are receiving messages that look far too good to be true – and are just that. People are being hit by a sinister new hack that sees them offered free money and then actually leads them to have their data stolen.

The messages arriving on people’s phones look innocent, and appear to come from friends and family. They offer £100 of gift cards for shops like Sainsbury’s or Topshop, and usually claim that the sender has already claimed their £100.

But the messages are in fact a scam that could see people’s phone’s hijacked, their personal information stolen and their money being put at risk. The link in the message appears to be a way of claiming the £100, but actually is a way of getting hold of people’s phones.

Most of the messages read: “Hey have you heard about this? Sainsbury's is giving away £100 gift cards”, though some of them swap the name of the shop around. The rest of the message claims that the company is “extending” its “store network” and so giving away vouchers as a way of promoting themselves.

To actually claim that money, people are usually sent to a link that looks legitimate, including the supposed address of a Sainsbury’s website. But it is actually hidden, sending people to a fake link that will probably steal their information.

Clicking on any link is risky, and should only be done when the message is legitimate. Doing so can put people at risk in a variety of ways – the most common of which is phishing, where the website on the end of the link looks legitimate and asks for information like passwords, but actually sends that off to a hacker or somebody else malicious.

As such, people are being advised to beware of the malicious messages and never to click on the link. In fact, it is safest just to delete the message entirely, making sure that you’re never able to accidentally click on it.

As a rule, it’s best to assume that any link that’s ever sent to you is risky – especially if it’s sent through a text message or WhatsApp. You can make sure by looking at the address, and in extreme circumstances getting in touch with the company before giving away any information.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in