Tha National CERT of the Republic of Serbia wishes to inform and warn all users that a Viber phishing campaign is under way, recognizable by links beginning with hypertext “https://www.viber.com/activate_secondary/.“ Should you receive such message, the National CERT recommends you not to click on the link, otherwise you could compromise your Viber account.
The click on the link enables the attacker to add their device as one of the legitimate devices your personal access to Viber is authorized from. This means the attacker can read your messages, access your contact list and assume your identity.
Tips to stay protected:
- Do not open suspicious links.
- If you receive an unusual text or a message with an unexpected link, do not open it.
- Confirm the source: If a link is sent to you by some of your contacts, check with that person by other communication channel if they really intended to send you the link.
- Use official links: Always use an official web location or Viber app for all necessary activities concerning your account.
- Update your Viber app regularly.
What to do if your account gets compromised?
If that happens, you are advised to disable access to your Viber account on other devices (PCs or tablets), by taking the following steps:
- Open the Viber app on your mobile device.
- Select option More at the bottom right part of the screen in order to access the menu.
- Select option Settings in order to access the settings menu.
- Select Account.
- By selecting Desktop and Tablets, you will be able to access the list of devices where your Viber account is active.
- From the list you should select the device you wish to deactivate.
- Confirm deactivation when asked to.
By applying the above steps, you will be able to remove your Viber account from the selected devices and thus disable the use of your account on them.