scam

Beware of Phishing Links on Viber: A Security Alert

 in Applications  tagged phishing / scam / security / viber by

In the age of instant communication, apps like Viber have become integral to our daily interactions. However, with the convenience of quick chats and video calls comes the risk of cyber threats. A recent security concern involves phishing links circulating on Viber, particularly those starting with “https://www.viber.com/activate_secondary/“. If you encounter such a link, exercise caution: clicking on it may compromise your account.

What Is a Phishing Link?

Phishing links are malicious URLs designed to steal personal information. Hackers craft these links to look legitimate, tricking users into handing over sensitive details like login credentials. Once clicked, these links can lead to unauthorized access to your accounts, financial loss, or identity theft.

The Viber Scam: What You Need to Know

On Viber, the scam link in question is part of a ploy to hack into accounts. The link prompts users to “activate” a secondary device, but in reality, it’s a method for a hacker to log in to your Viber account using their PC. The link is a disguised trap, and the consequences of clicking it are serious. The hacker can gain full access to your Viber account, allowing them to read your messages, access your contact list, and impersonate you.

How to Remove the access of a Hacker to your account

To deactivate Viber on your Desktop and Tablets from your mobile phone, you should follow these steps:

  1. Open the Viber app on your mobile device.
  2. Tap on More or the three lines in the bottom right corner to access the menu.
  3. Select Settings to open the settings menu.
  4. Go to the Account section.
  5. Tap on Desktop and Tablets. This will show a list of devices where your Viber account is active.
  6. From the list, select the device you want to deactivate.
  7. Confirm the deactivation when prompted.

This process will remove your Viber account from the selected devices, ensuring that no one can use it on those devices unless you activate them again​.

How to Protect Yourself

  • Don’t Click Suspicious Links: If you receive a link you weren’t expecting or that looks out of the ordinary, do not click on it.
  • Verify the Source: If a contact sends you a link, verify with them through a different communication method to confirm they intended to send it.
  • Use Official Channels: Always use the official Viber website or app for account-related actions.
  • Stay Informed: Keep up with the latest security updates from Viber and be aware of common phishing tactics.

Conclusion

Your digital safety is paramount. In the face of cunning cyber-attacks, staying informed and vigilant is your best defense. Remember, if you receive any link starting with “https://www.viber.com/activate_secondary/“, do not click on it. Protect yourself and your digital presence by being cautious and proactive about your online security.

Stay safe, stay connected.

Some technical information

As you will see in the following example, the link translates to a Viber command that prompts the device to accept the attacker’s device as a legitimate user device.

wget 'https://www.viber.com/activate_secondary/?u=bf63cd32389dcc342088c477a&k=u54BFqCQKGrL5-xPhV_Px82.&r=1&v=2'
--2023-11-02 16:21:36--  https://www.viber.com/activate_secondary/?u=bf63cd32389dcc342088c477a&k=u54BFqCQKGrL5-xPhV_Px82.&r=1&v=2
Resolving www.viber.com (www.viber.com)... 104.103.81.52, 2a02:26f0:9c00:395::24c5, 2a02:26f0:9c00:396::24c5
Connecting to www.viber.com (www.viber.com)|104.103.81.52|:443... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: viber://auth?u=bf63cd32389dcc342088c477a&k=u54BFqCQKGrL5-xPhV_Px82.&r=1&v=2 [following]
viber://auth?u=bf63cd32389dcc342088c477a&k=u54BFqCQKGrL5-xPhV_Px82.&r=1&v=2: Unsupported scheme ‘viber’.