WhatsApp scam could leave YOU locked out of your chat app

We use your sign-up to provide content in ways you’ve consented to and to improve our understanding of you. This may include adverts from us and 3rd parties based on our understanding. You can unsubscribe at any time. More info

WhatsApp users have been put on alert about a new hacking attack which can lock you out of your account after picking up a single phone call. Besides hijacking an account, the attack also lets bad actors access a victim’s contact list and read through their WhatsApp messages. And this nasty attack can be carried out on an unsuspecting WhatsApp user in a matter of minutes.

The threat was highlighted by Rahul Sasi, the founder and CEO of digital risk protection company CloudSEK who outlined it in a LinkedIn post.

The attack is carried out after hackers obtain the phone number of a WhatsApp user, while some social engineering is also required.

After picking up a phone call from the attackers they will try to convince a victim to place a call to another number.

How they convince a user to make this phone call wasn’t revealed in the research, but it likely would involve typical methods scammers resort to. This includes saying the target is due some kind of financial reward, that their account is at risk, or saying anything else that could create panic among someone and follow instructions.

WhatsApp: TikTok user reveals how to view deleted messages

If the WhatsApp user does end up calling the number they’ve been told of within a few minutes they would be locked out of their account.

Explaining how this works, Sasi said: “Beware, here is how WhatsApp accounts are getting hacked. First, you receive a call from the attacker who will convince you to make a call to the following number **67*<10 digit=”” number=””> or *405*<10 digit=”” number=””>. Within a few minutes, your WhatsApp would be logged out, and the attackers would get complete control of your account.”

Bleeping Computer in a post online said hackers are able to take over accounts thanks to automated services from mobile carriers that forward calls to a different phone number, along with WhatsApp letting users send a one-time verification password (OTP) via a voice call.

Once hackers have this OTP they can take over a WhatsApp account, registering it on their device and then using two-factor authentication to lock the owner from regaining access.

The tech website conducted their own experiments to see if the scam works, and found it did but required more effort than anticipated.

Thankfully, if you want to protect yourself from this attack there is one thing you can do today to lock down your WhatsApp account.

Turning on two factor authentication will right now help protect you from this kind of attack, while you should also be wary of unsolicited texts or phone calls either trying to get you to visit an external website, or provide personal and financial information.

Source: Read Full Article