iLAB identified a case where perpetrators targeted users from African countries such as Kenya, South Africa, Uganda, Nigeria, Egypt and Ghana with a digital campaign
intended to harvest their banking information. The campaign falsely presented a Covid-19 “relief package” from the government.
In reality, it enticed WhatsApp users to not only share the campaign with several of their WhatsApp contacts, but also willingly share their banking information that could
be used for further social engineering attacks and financial crime. We analysed the source code of the associated blog sites, which revealed the links to three blog
profiles.
The campaign used the WhatsApp chain-messaging strategy to propagate the intended scam targeting multiple African countries. Independent fact checkers have debunked a
number of claims related to the network of blogs used in the campaign under investigation and found them to be FALSE. Facebook has also flagged posts using urls pointing to
the blog-pages as false information.
