E2E ENCRYPTION COULD MAKE WHATSAPP A SPAM MAGNET
By John P. Mello Jr. - TechNewsWorld |15th April 2016
Facebook's WhatsApp last week announced it would roll out end-to-end encryption for its users to better protect their privacy, but the move could make the service more attractive to spammers, too.
While encryption can safeguard information from data thieves, it also can block data protectors from detecting malicious activity on their networks.
"WhatsApp's encryption policy is a win for privacy advocates, but it will not stop the growth of spam on the platform and could make the problem worse,"-Simeon Coney, chief strategy officer for AdaptiveMobile.
"WhatsApp has always had limited spam control in place," he told TechNewsWorld, "and encryption will make detecting spam and malicious links with malware that much more difficult."
Over the last three to four years, mobile carriers have made it harder for spammers to deliver their junk messages, Coney noted. That's prodded them to look for greener pastures. "We've seen spammers move from services like SMS, MMS and RCS to services like WhatsApp," he said.
Not only does it cost spammers less to spew their rubbish on WhatsApp, but it's easier to find targets there.
"WhatsApp is a very friendly service to spammers because it allows them to validate phone numbers to see if they have a WhatsApp account," Coney explained, "so they can upload large number ranges to test who has a WhatsApp account and just send bulk messages to them."
Because end-to-end encryption prevents protection systems from seeing what's in a spam message, they can't guard against malicious activity like phishing, account hijacking, spam and malware.
"It's simple economics," Coney said. "As certain channels get closed off to these spammers, they're finding other ways to reach their targets. They only make money if they get their messages through and they get a reasonable conversion rate."