The undisputed popularity of WhatsApp, the most used instant messaging application in the world with 900 million monthly active users, is proving to be a problem to the app itself. In fact cyber criminals are spreading, again, some malicious software via WhatsApp using email scam. But how is it happening? In a very clever and subtle way.

This newly created malware is being sent via email and is designed in a way that can fool WhatsApp users on Android and iPhones devices. So you are warned: be very careful before opening your email messages because this new virus really looks like it’s been sent by a legitimate source. Those fake email messages contain deceptive subject lines such as “an audio memo was missed” or “new voice message”, followed by a play button.

Clearly the cyber criminals purpose is that the users will open the message with the obvious consequence that they will download the attached virus. The virus, once downloaded, will penetrate their phones. The researchers at Comodo Labs say that even if none of these fake messages come from a WhatsApp address they are “disguised with an umbrella branding”.

So, it is important that you always keep in mind that you will receive all voice and audio memos, notifications and recordings only in the app. But how exactly does this malware spread? Through a compressed ZIP file contained in every scam email. Once downloaded the virus duplicates in multiple systems folders. After that it reaches the computer’s registry where the virus adds itself into an auto-run.

The Director of Comodo Antispam Labs, Daith Orhan, said that “Cybercriminals are becoming more and more like marketers, trying to use creative subject lines to have unsuspecting emails be clicked and opened to spread malware”. So now that you are warned, be careful and try not to be fooled by these dangerous cyber criminals.