Internet Hoaxes

Are Chinese hackers embedding ‘phishing codes’ in images? Fact Check

A warning is spreading claiming that hackers in China have designed pictures or movies that hide “phishing codes” and receiving one will result in hackers being able to steal information from the recipient’s device.

FALSE

An example of the warning can be seen below.

Morning Wishes/Messages.
Please read this warning coming from China from the Shanghai International News today it sent an SOS to all subscribers (this is the third reminder) that experts advise & recommend: Please don’t send Good morning, good night, or any funny festivals greetings such as pictures & movies etc..The reports state that hackers in China have designed the pictures, movies so perfectly for hiding phishing codes within them, when everybody forwards and sends those, they will go and steal personal information from your device. It is reported that more than 500,000 fraud victims have already been scammed. If you would like to greet one another, type your own message to protect yourself, as well as protecting your family and friends.
(Very important). Delete all previously and later greeting designs, pictures for your own safety, and that of friends to avoid hackers phishing. THEY CONTAIN EMBEDDED “GIFs” PROGRAMS that steal your personal data, Credit Card numbers and Pin’s. Greet each other by typing own words or use completely self made picture, videos. Self created material is completely safe.

The warning, which has been circulating on social media since 2017, isn’t accurate. The grammatical nightmare of a warning, which uses vague, confusing terms like “phishing codes”, appears to describe a threat whereby hackers could send malware-laced images or videos that, when opened, could infect a victim’s computer with malware or be used to steal the victim’s personal information.

However, no such widespread threat matching such a description exists.

Another predominant issue with the warning – even if we overlook the confused pseudo-jargon, brazen grammar errors and lack of any known matching threat – is that it is simply too vague. The warning does not include pertinent details such as what websites or mobile apps are affected, or which platforms are being used to allegedly proliferate such malware-laced media, or how the attack works from a technical perspective.


Looking back through history, there have been a handful of attacks that have vaguely resembled the warning, though none remain current issues.

For example, a limited threat briefly affected users of WhatsApp Web in March 2017, whereby crooks could send images laced with code to WhatsApp users that could redirect to potentially malicious websites. This was limited to those who used WhatsApp in an Internet browser, and didn’t affect the bulk of users who used the WhatsApp mobile app. The vulnerability was fixed soon after it was initially reported and there had been no reports of the vulnerability being exploited.

Going back even further, to the 1990s, various now long-outdated security flaws in early versions of Windows allowed crooks to embed nasty code in JPG or GIF images. But needless to say, these archaic flaws have long been fixed.


As such, there are no matching threats. The claim in the viral warning that 500,000 fraud victims have “already been identified” seems to have been conjured from thin air, and has accompanied the hoax warning since it first surfaced in 2017.

Since the warning appears to be entirely fiction, we rank it false and do not recommend sharing it with your friends, as it will not be helpful and will likely only serve to confuse most readers.

Published by
Craig Haley