Martinelli hoax is back on WhatsApp – don’t forward!

The Martinelli hoax which warns Whatsapp users of a virus-carrying video set to go live on the social media platform ‘tomorrow’ has re-emerged several years after it was first seen. 

The latest reincarnation of the hoax has kept the text of the original precisely, including the five-fold exclamation points and the weird extra spaces before punctuation marks.

The new hoax even claims that the video first mentioned several years ago still “comes out tomorrow.”

But there’s a new twist this time, with yet another hoax tacked on the end referring to another video “that formats your mobile.” This time, the video is called Dance of the Pope:

Ironically, Snopes suggests that this piece of the hoax – which is basically the same as the Martinelli hoax but with a different video name – is even older than the Martinelli part, dating back to 2015.

Quite why the hoax has reappeared now is not clear, though it may have been triggered by March 2020 news headlines about wunderkind Brazilian footballer Martinelli.

Martinelli currently plays for Arsenal but has been tipped to appear in the Brazilian national squad at just 18 years of age. He’s also been the subject of media speculation that he might get poached from Arsenal by Spanish heavyweights Real Madrid.

In theory, playing a deliberately booby-trapped video file on your mobile phone could end up in a malware infection, if your phone has an unpatched bug in its media player software that a crook could exploit.

In practice, however, that sort of bug is very rare these days – and typically gets patched very rapidly and reported very widely.

Here cybersecurity company Sophos offers its advice about what to do if you see these kinds of stories online. 

• Don’t spread unsubstantiated or already-debunked stories online via any messaging app or social network. There’s enough fake news at the moment without adding to it!
• Don’t be tricked by claims to authority. Anyone can write “they announced it today on BBC radio,” but that doesn’t tell you anything. For all you know, the BBC didn’t mention it at all, or announced it as part of a hoax warning. Do your own research independently, without relying on links or claims in the message itself.
• Don’t use the “better safe than sorry” excuse. Lots of people forward hoaxes with the best intentions, but you can’t make someone safer by “protecting” them from something that doesn’t exist. All you are doing is wasting everyone’s time.
• Don’t forward a cybersecurity hoax because you think it’s an obvious joke. What’s obvious to you might not be to other people, and your comments may get repeated as an earnest truth by millions of people.
• Don’t follow the advice in a hoax “just in case”. Cybersecurity hoaxes often offer bogus advice that promises a quick fix but simply won’t help, and will certainly distract you from taking proper precautions.
• Patch early, patch often. Security updates for mobile phones typically close off lots of holes that crooks could exploit, or shut down software tricks that adware and other not-quite-malicious apps abuse to make money off you. Take prompt advantage of updates!
• Use a third-party anti-virus in addition to the standard built-in protection. Sophos Intercept X for Mobile is free, and it gives you additional protection not only against unsafe system settings and malware, but also helps to keep you away from risky websites in the first place.
• Don’t grant permissions to an app unless it genuinely needs them. Mobile malware doesn’t need to use fancy, low-level programming booby-traps if you invite it in yourself and then give it more power that it needs or deserves!