Spim

Spim is the type of unwanted messages that we receive through instant messaging applications. That is to say, the junk messages that reach us via WhatsApp, Telegram, Facebook Messenger, etc. At the same time, they can also be sent using SMS.

Many consider it the evolution of spam, all the promotional messages we receive from unknown companies. But the truth is that although the intentions of hackers who send spim are very similar to those of spammers, the scenario of spim (instant messaging applications) is totally different.

1. Spim and spam

Spim is always fraudulent in nature and has a malicious intent, while spam is not always so, and most of the time it is unwanted advertising, which is simply annoying but not dangerous.

Similarly, when we receive spam by email, the sender of the message is usually an unknown person, while in spim the fraudulent message pretends to make us believe that it has been sent by one of our contacts.

Whether it is spim or spam, we must always be alert to the messages we receive (no matter how we receive them) so as not to compromise our security and avoid being scammed.

2. Target of spim

The aim of the cybercriminals who spim is to take control of the device of the person who suffers the spim attack, in order to gain access to the passwords stored on the attacked device and steal private data.

To do this, they usually send a link to the victim, with a message that will try to convince them to click on it, in order to take them to a malicious web page or start downloading a malicious attachment thanks to which they can capture data from the device (once it is infected).

3. Tips to protect yourself from spim

You should always be cautious and alert, this is a premise to avoid becoming a victim of spim, as well as to take into account this series of tips that will allow you to protect yourself against a spim attempt:

• In case you are not sure who is the person sending the message, don’t click on any link or attachment.
• Be suspicious when you receive a link or message from a contact, which has no relation with the conversations you have had previously, or out of context.
• Never pay attention when you are asked for any kind of payment or banking information, no bank will ask you for it by that means.
• Keep both instant messaging applications and the devices on which you use them up to date.
• As a general rule, never provide personal data or credentials of any kind in an instant messaging application.
• You must correctly configure the privacy options of instant messaging applications to avoid receiving messages from unknown senders.
• When you detect spelling and/or grammar errors that you don’t consider normal, it is most likely a spim attempt.