2020 International Conference on Computational Science and Computational Intelligence (CSCI)

Regular Paper Submitted to CSCI 2020 - ISNA Information Security Attacks on Mobile Messaging Applications: Procedural and

Technological Responses Lokesh Saravanan Ramamoorthi Gabrielle Peko David Sundaram Department of Electrical and Computer Information Systems and Operations Information Systems and Operations Engineering Management Management University of Miami, The University of Auckland The University of Auckland Coral Gables, USA Auckland, NZ Auckland, NZ [email protected] [email protected] [email protected] ORCID: 0000-0001-8077-1451 ORCID: 0000-0002-7878-3258 ORCID: 0000-0003-1575-4174

Abstract—In today’s digital world mobile phones have and information security attacks that exploit these a significant impact on our day-to-day lives including the use vulnerabilities. Then, we build a taxonomy of different of internet chat applications designed for smartphone users. types of attacks, and analyze the various phases of such Generally, these mobile messaging apps claim they protect attacks. We hope that this will provide the foundation the user’s information using encryption techniques. Yet, for building prevention and protection mechanisms information security attacks that exploit the apps’ against such attacks. vulnerabilities are increasingly common. These vulnerabilities are the main gateway for hackers to access II.ANALYSIS OF ATTACKS ON MESSAGING APPLICATIONS information. Considering the four most popular messaging apps, a taxonomy of attack targets of messaging applications Risks to information security occurs when is introduced that consists of three broad categories of malicious users exploit software vulnerabilities. These attacks. Each of these categories is discussed and analyzed vulnerabilities are the main gateway for hackers to in order to propose several combinations of technological access information. There are different categories of and procedural solutions to mitigate the vulnerabilities. attacks targeting the messaging apps users and their Further, it is envisioned that these solutions provide the information. A classification of the attacks includes (a) foundation for building prevention and protection exploiting software vulnerabilities (b) unintended user mechanisms against such attacks. activities and (c) social engineering. Keywords—social media, messaging, information A. Attacks That Exploit Software Vulnerabilities security attacks, vulnerabilities, social engineering The main gateway to hackers to access information is to exploit software vulnerabilities. In many apps the I.INTRODUCTION encryption feature is not turned-in as a default option. In the digital world of today mobile phones have a Although few messaging platforms such as significant impact on our day-to-day lives. In addition WhatsApp®, iMessage®, Skype® provide end-to-end to voice-based services, people widely use messaging encryption as a default option, a trained attacker can apps on smartphones to connect with friends and family. decrypt the messages and manipulate it for malicious These applications are basically internet chat purposes. Checkpoint Inc., a software security applications designed for smartphone users. Apart from organization, with the help of penetration testing text messaging features, these applications provide software frameworks like BurpSuite™, listed how facilities to share pictures, videos, files and enable voice WhatsApp messages can be intercepted and and video communications over the internet. While manipulated in both individual and group conversations many of these mobile messaging apps claim that they [4]. Based on the research done by Checkpoint, using protect the user’s information using encryption the software vulnerabilities of WhatsApp a threat actor techniques [1], there are many instances where these can: (1) use the ‘quote’ feature in a group conversation apps act as vectors for information security attacks. As to change the identity of the sender, even if that person of October 2018, according to Statista® the top 4 is not a member of the group; (2) alter the text of applications, WhatsApp, Facebook Messenger®, someone else’s reply, essentially putting words in their WeChat® and QQ messenger®, have a total of 4 Billion mouth; and (3) send a private message to another group users [2]. Despite serving so many users there are still a participant that is disguised as a public message for all lot of security gaps present in the messaging so when the targeted individual responds it’s visible to applications [3]. In this paper, we will first discuss everyone in the conversation. Every time WhatsApp various vulnerabilities of these messaging applications sends an update to its apps, threat actors try to explore

978-1-7281-7624-6/20/$31.00 ©2020 IEEE 275 DOI 10.1109/CSCI51800.2020.00053 and look for vulnerabilities so that they can successfully malicious and the sender might not have any clue about exploit the software to get information. the legitimacy of the attachment. B. Attacks Based on Unintended Activities of Users Chain Forward Messages: These messages are Social Engineering attacks target the users of the annoying forward messages where it instructs the sender application. Because billions of users use messaging to forward to N- number of their contacts. Usually these apps, they are huge target for malicious users to use messages convey that the sender’s wish has come true social engineering techniques to extract information. or a monetary phone credit or some other benefit will Let us consider different types of scenarios where users occur if they forward the message. As not all the users can be exploited for information security attacks. are aware of such scams, they simply forward the Accidental Texting/Forwards: Message forwarding information to multiple users and so on. Although these is an option provided so that a user can forward a messages are truly annoying to legitimate users, these message to another user that they received from messages may also contain phishing URLs that enable someone else. Accidental forwards happen where other ignorant users to be phished by attackers. sensitive information is sent by a user to someone who Puzzles and Challenges: These forwards aim at the is not authorized to view the information. A scenario users who seek gratification by solving an intellectual could be financial or health information, which could be challenge. When users interact on public groups that sent accidentally to an acquaintance rather than to include members unknown to them, they run a risk of intended friend. This happen often due to similarities in sharing their contact information to the group and names among the contacts list. Most of these apps trusting information that is being sent in the group. If provides delete functionality for such types of accidental any of the group users are infected by a malware it is forwards. However, there are several free mobile apps highly possible that every member in the group will such as Notification History Log available on app become infected. platforms [5], which track the notification and saves it Messages Related to Religion: In countries where on the receiver’s end. Even without this app installed, religious beliefs are predominant people tend to forward once the message is received by the unintended recipient messages and images that describe various aspects of they can copy or download it to their mobile device, religion. Sometimes these messages might end up preserve it and then use it for malicious purposes [6]. favoring one religion over other creating unnecessary Mindless Wildfire Forwards: The basic purpose of conflicts [8]. Similarly, many chain forward messages forward messages is to share the message with more circulate on WhatsApp and other messaging apps people. However, Mindless forwards happen when a proclaiming that the sender will be blessed with user forwards a message without reading or analyzing prosperity if they forward the messages to N-number of the content received. The messages have some appeal to members in their contact list. the receiver and with a general helping tendency in Lucky Prizes or Offers: While the above-mentioned mind, the receiver would like to spread the news to the categories of forwards are usually benign in terms of other contacts in their list. This viral forwarding creates social engineering, the forwards with links embedded in a huge problem if the message is not authenticated or them have malicious intent of extracting user from a legitimate source. Sometimes these forwards are information. These messages prompt users to click on initiated legitimately and sent to others but there are the link and input their information to be eligible for a instances where hoax or scam messages get forwarded. lucky jackpot prize. Sometimes these messages mention Health Advisory Messages: With the surge in that if the user would like to avail free groceries or free COVID-19 pandemic, several messages suggesting a shoes for example, they should click the link. These cure or preventative measures have been circulating in links appear very similar to legitimate web addresses of these platforms. The World Health Organization the organization. To ensure that the link in the message (WHO) termed these messages as infodemics [7]. They looks legitimate, scammers use Unicode characters that can spread misinformation, disinformation and rumors look very similar to regular English characters [9]. during a health emergency. Infodemics can hamper an Sensational Political News: One of the targets of effective public health response and create confusion the fake news creators is fabricating the legitimate news and distrust among people. with their own political view and creating sensational Greetings Messages: The message formats include fake news. This Fake news spreads on these apps like simple texts, emoji’s, static images, and videos. These wildfire because of the political preferences of the users messages are sent daily, for birthdays, national holidays [10]. With more sensational fake information and with and common occasions such as New Year, Christmas less truth these messages are highly influential during etc. While the nature of such messages is intentionally elections and have the potential to alter the outcome of genuine, some attachments with images in PDFs can be election results.

276 Sensational Celebrity News: Sensational news support for blocking Cyberbullies the phenomenon is messages about celebrities are also very popular not controlled significantly as the victims are either forwards. These news messages sensationalize afraid or embarrassed to voice their concerns. celebrities’ personal life and add bogus information to Phishing: Phishing has evolved with time. Gone are scandalize/sensationalize it. This catches on quickly the days where email is used as a phish vector. With among the users and they get forwarded at a rapid pace. increased spam control and AI based monitoring on Charity/Donation Requests: These messages often email servers’ scammers now take the easy route - depict a sympathetic situation and requests financial mobile messaging platforms. Greed is the attribute the help from the reader. Often, they request the user to scammer’s bank upon. Scammers send messages for forward the message as many times as possible so that offers or coupons and redirect users to click a bogus each forward will be reimbursed by the messaging app links to provide personal information. They also tempt owning company, i.e. Facebook Inc for Whatsapp, to the the victims with additional benefits if they can provide original sender of the message, thereby the target information about their friends and family [15]. The fundraising is complete. Here the receiving user wishes frequently occurring scam on WhatsApp is subscription to be helpful and forwards the message to others in their ending scam. The message states that if the user is not contact lists. reactivating the subscription by paying some amount of Crime Awareness Messages: Mobile messaging money using the given web link the subscription will be platforms are an effective way to educate people about cancelled [16]. Despite awareness articles published in various criminal activities and create awareness the news media users tend to fall for such scams due to campaigns. However, there are some extreme situations ignorance and the crafty design of the phishing message. where these Crime Awareness Messages agonize the Punycode and Homoglyphic Attacks: These attacks readers and even cause lynching’s in some situations. are advanced forms of phishing where the messages More than 7 lives have been lost in such incidents where forwarded contains the URL of legitimate website, yet, violent flash mobs have killed innocent civilians based they are nothing but Latin/Cyrillic equivalent Unicode on hoax messages. The readers of these messages are characters of English A-Z. Many Unicode characters, usually ignorant of the legal procedures and without which represent alphabets like Greek, Cyrillic, and directing the suspects to law enforcement authorities Armenian in internationalized domain names, look the they gather likeminded people and use violent methods same as Latin letters to the casual eye but are treated to handle the situation [11]. Law enforcement differently by computers with the completely different authorities have to follow ardent procedures to contact web address. For example, Cyrillic "а" (U+0430) and the messaging companies to take down such fake and Latin "a" (U+0041) both are treated different by infuriating messages. browsers but are displayed "a" in the browser address. Negative Sentiments about Organizations and To identify such attacks, browsers use Punycode to Products: The mobile messaging platforms acts as a defend against homoglyphic attacks. Punycode is a social media where messages are forwarded at a faster special encoding used by the web browser to convert rate than any other media. Especially if the messages Unicode characters to the limited character set of share a negative sentiment about a product or company. ASCIIs (A-Z, 0-9), supported by International Domain In these cases, they spread faster than a message with a Names (IDNs) system. Using this as a loop, hackers can positive sentiment [12]. There are several instances create domain name mappings with xn- (Chinese or where a negative message about a product has affected mandarin characters) to a homoglypic URL. the entire organization's image in the market. This Deepfake Videos: With the growth in AI based extends to the organization’s stock information and algorithms and technologies, Deepfake videos are on the internal news and reflects adversely on the company in rise. Deepfake encompasses a set of techniques used to the stock market [13]. synthesize new visual products, for example by replacing faces in the originals [17]. The creation of

C. Social Engineering Attacks Targeting Users Deepfake videos is easier with free mobile apps. Hence Information security threat actors tend to use more anyone with minimal video editing knowledge may social engineering techniques on messaging apps than circulate a Deepfake video on these apps. Not every user other platforms such as email or social media. Typical strives to analyze the legitimacy of the video. These are social engineering attacks are: very high-level social engineering techniques targeting Cyberbullying: Cyberbullying on the mobile an average user. messaging apps, is very common [14] amongst young Pornography: In one to one communication people adults and children. Sending intimidating, threatening or tend to share their pictures of children with their friends embarrassing messages via an electronic media is called and family. Sometimes users set these pictures as their Cyberbullying. Even though WhatsApp provides display picture for their profile. These pictures are also

277 targeted by predators to create child pornography user to commit physical harm to someone or commit pictures. Imposters claim that they are a modelling suicide. The perpetrators of this horrific crime monitor company and requests more pictures of children of the status on social media to identify victims who have unaware users. These pictures are morphed and suicidal tendency. superimposed on other pornographic pictures [18]. Malicious File Forwards: Embedding malicious III.TYPES AND PHASES OF THE ATTACKS content in file forwards is a classic way of cyber-attacks For any malicious users or threat actors’ three since the invention of emails. Unfortunately, it is present things are important to perform any information security in the messaging apps as well. Security researchers from attack. Method, opportunity and motive. Based on the Checkpoint Technologies® identified a flaw on analysis we performed in the section ‘Analysis of WhatsApp, Telegram messaging platforms where an Attacks’, let us see how hackers plan and execute the image forwarded by the attacker has malicious content attacks. The motive for attacking is either to phish for and the attacker can take control of victims a user’s information or a means to execute a bigger attack such account and impersonate the victim. as ransomware or malware downloads. Accounts Hijacking: Accounts Hijacking means A. Attacks That Exploit Software Vulnerabilities taking over another person’s user account without In the attacks that exploit the software permission and knowledge of that person. Hackers use vulnerabilities, the attacker’s method is technical and various techniques for hijacking accounts. The latest is requires some skillset in executing this attack. The using voicemail features of mobile phones. In a study of opportunity window of identifying the vulnerability and WhatsApp, the possibility of an account takeover the software vendor fixing the vulnerability is very less. happens when an attacker tries to add a legitimate user's So, the attackers should move in very fast to carry out phone number to the app installation on his own phone the attack. Usually, the steps involved in the attack are [19]. As per the normal security procedures, the as follows: WhatsApp service would then send a one-time code via Identifying the vulnerabilities: The malicious SMS to that phone number. This would typically alert a programmers reverse-engineer the software to look for user to an ongoing attack, but security researchers argue vulnerabilities. They may act independent or as an that a hacker could easily avoid this by carrying out the organized group. attack during nighttime or when he is sure the user is Publishing the vulnerabilities: Vulnerabilities identified away from his/her phone. by these reverse engineers are published for money or Ransomware Attacks: Ransomware is a malicious fame. The vulnerability information is also made software that prevents accessibility of a device or data accessible to other malicious threat actors. Since the and demands a ransom for accessing the data. In some dark web contains both malicious and white-hat users, messaging apps such as Whatsapp®, Skype®, messages the vulnerability information is also conveyed to the are secured by encryption keys, however this vendors, or anti-virus companies, so that they can work complicates the process of scanning messages for on fixing the software. malware. Attackers use these apps as a platform to send Hackers creating exploits: Other threat actors get the files that contain ransomware hidden inside, or attackers information about the vulnerabilities and write software forward links that when clicked can download exploits to extract information from the software based ransomware on the device. This social engineering on these vulnerabilities. These exploits are usually technique is especially hard to detect on small screen software-based vulnerabilities, when downloaded and devices, and an unaware user might be victimized. installed on the user’s devices, provide unlimited access Suicide Inducing Games: This is very highest level to the hackers. of activities which even target the lives of innocent Vendor patches and fixes: The software vendor also users. Attackers create challenge driven games for the works on fixing the vulnerabilities to protect the users users where the users get points or some rewards for from the attacks. Timing is critical in this situation completing the challenges. Every level of the game is because if the hackers exploit reaches users before the designed with increasing difficulty or performing an fix is rolled out by the vendor, the software becomes activity that includes physical harm. The highest level vulnerable and the software information security is of the game requires the user to commit a suicide. compromised. Bluewhale is one such game that was rapidly spreading User device compromise: Attackers reach users’ devices among young population and costed many lives in via social engineering methods manipulating the users different parts of globe [20]. More recently, a new game to download the malware on their devices. If the users called Momo Challenge has surfaced in parts of Europe have installed the latest version of the software, the and Asia. Momo Challenge is a game similar to malware will be ineffective on those devices. Bluewhale where the ultimate challenge requires the

278 B. Attacks Based on Unintended Activities of the User (c) Download files/images/videos in the message. This Opportunities for the attackers are created by the chain goes on and on where these messages are ignorance of the users and based on the opportunities forwarded exponentially to more and more users. methods of the attack are framed by the attackers. This Extract the information and repeat: Clicking on the link situation is very analogous to someone not locking their may prompt user to provide personal or financial house unintentionally or due to ignorance. There is little information and downloading the content might effort needed from the attackers to extract information. compromise the device downloaded where further The process is as follows: (a) Users perform an attacks can be staged by the attackers. With the unintended activity (b) Attackers keep a watch on such malicious message is out and open, there is a good activities in the social media/messaging platform. From possibility that many of the recipients click the these messages attackers try to extract the information link/download the malware on to their devices. If these and gain intelligence about the users (c) Attackers may devices are connected to any organizational network, further fabricate the message or craft manipulative the malware can do a greater damage to the information messages for social engineering, aiming that users will security. forward or share the messages in the social media, for a well targeted social engineering attack as a next step. (d) IV. MITIGATING VULNERABILITIES If the users fall victim to these messages, either their To mitigate the security gaps discussed above a information or device is compromised by the attackers. combination of technological and procedural solutions C. Social Engineering Attacks are required. As a technological solution, a wrapper Social engineering attacks form the major portion module can be created over the top of messaging of attacks on mobile messaging apps. Since there is high applications that helps address the vulnerabilities. In this volume of messages, it is very complicated by the section we explain about the secure wrapper vendor to identify and quarantine such messages. These implementation and how it can be leveraged to help social engineering attacks are a means for a major users to have a safe and secure experience while using attack. The nature of these attacks is very similar to their mobile applications. The proposed wrapper email phishing attacks; however, the messaging service module will be an extension to the mobile application providers do not have a better infrastructure or spam and will provide necessary functionalities to help filters to identify and control these messages. mitigate the risks mentioned above. The block diagram The phases of the social engineering attacks are: containing the key components of the module is shown Analyze the target: A careful analysis of the target in Fig. 1. These modules are deployed across different population will help the social engineer create a strong layers, such as Notification modules in the user’s message where many users can become victims. An device, Vulnerabilities checker module as cloud service empathetic message for cancer patients is an example. layer, content metadata is stored in data layer, and the Any natural disaster is a good time for these attackers wrapper also communicates with external fact checking because the chances of fundraising is very high. sources and subject matter experts to stay current and Design the message: Attackers design the social constantly update the repository content information. engineering message to manipulate decision making Notify the user for critical vulnerabilities and software capacity of the receiver. The main intention of the updates. The Notification modules constantly checks attacker is to make the target either click the link, and/or for software vulnerabilities in the vulnerability download the message and/or forward the message to database. If any found it will actively notify the users others. Attackers use the classic techniques of influence regarding the vulnerability and will constantly remind as a bait in these messages such as: reciprocity, the users to update to latest version of the software. obligation, concession, scarcity, authority, consistency, Scan and filter unusual file formats. Messages received commitment, liking, and social proof. with an attachment that is not a widely used file format, Execute the phishing attack: Once designed, attackers the module will filter such messages and notify the user. target group conversations, join these groups. Since Scan file attachments for malware. The module scans if most of the similar interest groups have more than one the file attachments contain any malware and filters administrator, joining a group is not a difficult task for them being delivered to the recipient. a social engineer. These messages are sent on these Notification about potential fake news. Identification of groups where other users trust these messages and act. fake news is a challenging feature as the fake news takes Users react: Users receive these messages and due to many forms such as text, media, fake news URLs, and the nature of these well-crafted messages they react. The text messages. The module will deploy a hybrid action could be either or combination of the following. approach to identify fake news messages. Initially the (a) Forward the message to others (b) Click on the link module crowd sourced learning techniques to identify provided in the message - usually they are malicious link fake news messages and will use deep learning

279 Figure 1. Block Diagram of Proposed Messenger Wrapper Module techniques to increase the accuracy of classification. attack categories: software vulnerabilities, unintended This fake news identification will provide notification to user activities and social engineering attacks. The users if the message the receive is not true or legitimate various phases of each attack category are outlined and to be trusted. analyzed in terms of primary elements, process and Restrict re-forwarding of messages. While messaging execution. In light of this analysis, several combinations apps such as Whatsapp® have improved the restrictions of technological and procedural solutions to mitigate the on forwarding certain messages to a larger group of aforementioned vulnerabilities are proposed. Currently recipients, mindless re-forwarding of messages help the messenger wrapper module is under development creates misinformation spread, and potential spread of for a Telegram® messaging platform. Telegram® is an malware. The proposed module will restrict forwarding open source platform and has 300 million users messages that were not original content messages. worldwide. Once it is implemented for Telegram® the Scanning messages for malicious, broken, or module will be modified to work with other messaging illegitimate URLs. Any message received that contains platforms. The overall contribution of the paper is to an illegitimate URL will be scanned and notified to the provide a foundation for discussion as well as building user. The module also identifies messages that contain prevention and protection mechanisms for information hidden links or links that have non-English characters, security attacks on mobile messaging applications. to prevent homoglyphic attacks. Once identified, the user will be notified of these messages and will be given REFERENCES an option for removal of such messages. [1] J. Corpuz, “Best Encrypted Messaging Apps 2018 - Alert notification for social engineering messages. Secure Android, iOS Messaging," Many social engineering messages follow a similar https://www.tomsguide.com/us/pictures-story/761-best- pattern the persuasion, urgency and familiarity. The encrypted-messaging-apps.html, 2018. module will identify such messages and notify the user [2] Statista. "Most popular global mobile messenger apps 2019."https://www.statista.com/statistics/258749/most- accordingly. The flagged of message will be available popular-global-mobile-messenger-apps/, 2019. for the user, and the user will be provided an option to [3] M. Williams, “Secure Messaging Apps Comparison,” unflag if the classification is a false positive for a https://www.securemessagingapps.com/, 2020. phishing message. [4] B. Dikla, R. Zaikin, and O. Vanunu, "FakesApp: A Vulnerability in WhatsApp,” Check Point Research V. CONCLUSION https://research.checkpoint.com/fakesapp-a- This paper discusses the various vulnerabilities of vulnerability-in-WhatsApp/, 2018. the top four messaging applications, in terms of number [5] R. Jain, "Here's how you can bypass WhatsApp's 'Delete for Everyone' feature," of users, and the information security attacks that exploit https://www.techradar.com/news/heres-how-you-can- these vulnerabilities. Based on these attacks, a bypass-WhatsApps-delete-for-everyone-feature, 2018. taxonomy of attack targets of messaging applications is [6] A. Sulleyman, "WhatsApp: You can still read people's introduced. This taxonomy consists of three broad embarrassing deleted messages even if they think they’ve

280 ‘unsent’ them,” The Independent https://www.independent.co.uk/life-style/gadgets-and- tech/news/WhatsApp-deleted-messages-unsend-how-to- delete-for-everyone-problems-notification-log- a8058131.html, 2017. [7] World Health Organization. Novel coronavirus (2019- nCoV) situation report-22; https://www.who.int/docs/defaultsource/coronaviruse/sit uation-reports/20200211-sitrep-22-ncov.pdf, 2020. [8] S. Raj, and K. Schultz, "After Religious Clash in India, Rumors Create a False 'Martyr',” New York Times, 2018. [9] BBC, "WhatsApp: How the supermarket voucher scam works,” BBC News https://www.bbc.co.uk/news/uk- 41900814, 2017. [10] Tech News, "The online battle for the truth,” The Star Online https://www.thestar.com.my/tech/tech- news/2018/07/12/the-online-battle-for-the-truth/, 2018. [11] A. Gowen, "WhatsApp-fueled fake news lynching’s sweep India," The Washington Post https://www.mercurynews.com/2018/07/02/WhatsApp- fueled-fake-news-lynchings-sweep-india/, 2018. [12] S. Tsugawa, H. Ohsaki, "Negative Messages Spread Rapidly and Widely on Social Media,” OSN '15 ACM on Conference on Online Social Networks, 2015, pp. 151- 160, ACM Digital Library. [13] Bloomberg, “How a WhatsApp message destroyed Infibeam Avenues's market by 71%," Business Standard https://www.business- standard.com/article/companies/WhatsApp-message- destroys-infibeam-avenues-s-market-value-by-71- 118092900053_1.html, 2018. [14] E. Rice, R. Petering, H. Rhoades, H. Winetrobe, J. Goldbach, A. Plant, J. Montoya, and T. Kordic, "Cyberbullying Perpetration and Victimization Among Middle-School Students," American Journal of Public Health (105:3), 2015, pp. 66-72. [15] M. Boddy, "Free Virgin Atlantic tickets? No, it's a WhatsApp scam,” Naked Security https://nakedsecurity.sophos.com/2018/04/04/free- virgin-atlantic-tickets-no-its-a-WhatsApp-scam, 2018. [16] J. Lindsay, "WhatsApp subscription has expired text is a scam – here’s what to do if you receive it,” https://metro.co.uk/2018/01/17/WhatsApp-subscription- text-scam-receive-7236709/, 2018. [17] L. Floridi, "Artificial Intelligence, Deepfakes and a Future of Ectypes,” Springer Link." (31:3), pp. 317 – 321, https://doi.org/10.1007/s13347-018-0325-3, 2018. [18] T. Carey, "Tempted to post pictures of your children on social media,” NZ Herald https://www.nzherald.co.nz/lifestyle/news/article.cfm?c _id=6&objectid=12121126; retrieved Nov 12, 2018. [19] C. Cimpanu, 2018, "Recent wave of hijacked WhatsApp accounts traced back to voicemail," ZDNet https://www.zdnet.com/article/recent-wave-of-hijacked- WhatsApp-accounts-traced-back-to-voicemail-hacking/, [20] R. Mukhra, N. Baryah, K. Krishan, and T. Kanchan, "'Blue Whale Challenge': A Game or Crime?” Science and Engineering Ethics Springer https://doi.org/10.1007/s11948-017-0004-2-, 2017.

281