A new adware is circulating online, tricking users to visit a modified domain posing as whatsapp.com. The fake URL - шһатѕарр.com - uses characters from the Cyrillic alphabet and makes people believe they're on the real domain.
The info comes from a redditor going by the name of "yuexist" who notes that the site promises to let you install WhatsApp in a different color, The Next Web reports. To make the scheme spread even further, when you visit the link, you're asked to share the site with your friends for verification purposes. Then, your contacts receive a message praising how much you love the new WhatsApp colors, including the fake URL. Without close inspection, it's easy to fall prey to the ruse.
Once you've verified yourself by bringing in countless other potential victims, the site tells you that those colors you were hoping to see are actually only accessible on a desktop computer and directs you towards installing a Chrome extension called BlackWhats.
This should be enough to trigger some alarms for those who have any kind of tech knowledge. That doesn't seem to be the case completely if we look at this extension and notice there are over 16,000 users. The app has a 4-star rating from a few dozen people and it's difficult to tell whether or not they are completely fake or not, but chances are quite high on the former. Thankfully, Google has already removed the BlackWhats extension from the store.
At this point, this seems to be just another adware. Even so, adware can be extremely annoying. This type of schemes should make people question how real these tools are, but given the number of installs, that doesn't seem to be the case. It's also quite a silly ruse since the app promises to bring other color schemes to WhatsApp. That being said, it's quite likely that those who fell for it are from the younger demographic who have yet to figure out how to be safe online, but who are also more likely to install apps just for extra customization options.