The following information was obtained from the different cyber security sources and provided as a notification to all parties concerned pursuant to the mandate of the Philippine National Police Anti-Cybercrime Group (PNP ACG).

The information provided is classified as Restricted pursuant to the PNP Regulation 200-012 on document security with impact rating of significant and threat rating of high, based on PNP Information and Communications Technology (ICT) Security Manual s.2010-01 p. 22 and p.129.


WhatsApp Messenger is a cross-platform mobile messaging app which allows you to exchange messages without having to pay for SMS.

Hackers are reportedly sending mobile malware packaged inside Microsoft documents to WhatsApp users. The cybercriminals are specifically targeting WhatsApp users in India by pretending to send messages from government agencies, according to reports.

Hackers are taking advantage of two big organizations in the region to convince users to click on the message attachment. The malicious WhatsApp messages contain names of major organizations in India including NDA (National Defense Academy) and NIA (National Investigation Agency). The documents that circulate via messages are typically in Excel format, although Word and PDF files have been reported as well. The documents are able to access personal data on the phone, including banking credentials and PIN codes.

“As these two organizations are very popular and known within the country and abroad and there is a curiosity about them, it is possible that it may affect the mobile phones of people interested in these subjects,” officials told the Economic Times. “However, it has been analyzed that the men and women in defense, paramilitary and police forces could be the target groups.” It’s unclear at this time what else this virus does on a phone or tablet, or whether WhatsApp is taking any action to prevent the scam. A recent report profiled what must be one of the scariest examples of Android malware at work. Russian intelligence targeted Ukrainian army with an Android virus that turned the devices the military used for targeting their artillery pieces into tracking devices that could transmit the troops’ exact position. 3

The community is advised to follow the best practices listed for securing and protecting information whether for personal use or for work:

• Avoid clicking on dubious links, irregardless of how you receive them;
• Limit app use to applications downloaded from official app stores; and
• WhatsApp users should refrain from clicking on messages sent from unknown users, especially if the texts include suspicious attachments or links.

For additional information, please refer to the following security websites:


Please contact CSRAD, PNP ACG for any inquiries related to this CYBER SECURITY BULLETIN at and This email address is being protected from spambots. You need JavaScript enabled to view it. or call 7230401 local 5337.