WhatsApp users have recently experienced a new form of scam that could hijack their accounts after a single phone call.
Aside from locking out your account, the hackers could also easily gain access to your contact list. This means that the remote attacker can peruse your private messages without you knowing.
WhatsApp Phone Call Scam
According to a report by Express, Rahul Sasi, the current CEO of CLOUDSEK, a risk assessment firm based in India, has shared some information about the dangerous WhatsApp scam on LinkedIn.
Obtaining a random WhatsApp contact number is possible through hacking. The threat actors take advantage of this process as they utilize a bit of social engineering in their operations.
Sasi mentioned that the victim would receive a call from an unknown caller, which in this case is the hacker. This person will convince the receiver to initiate a call with another number.
As of writing, the cybersecurity researchers have not yet discovered the mystery of the attackers behind the process of convincing their victims.
Like other malicious schemes, the attackers could potentially ask for a financial reward for the victim's data. That's most likely the case here. From there, this would force the user to follow all the instructions from the hackers.
The dangerous part behind this cam is the possibility of your account being hijacked. Once the phone call starts, you will be notified a few minutes later that your account is about to get locked.
"Beware, here is how WhatsApp accounts are getting hacked. First, you receive a call from the attacker who will convince you to make a call to the following number **67*<10 digit="" number=""> or *405*<10 digit="" number="">. Within a few minutes, your WhatsApp would be logged out, and the attackers would get complete control of your account," Sasi wrote in his post.
WhatsApp OTP Verification Danger
Last month, Bleeping Computer wrote that it's now easier for the attackers to seize a WhatsApp account. Upon forwarding the call to a different contact, a one-time verification password or OTP will be forwarded to them through a voice call.
An OTP is a single-use PIN that will appear to validate your login session or transaction. Once this is given away to an unknown recipient, the hacker could just hijack a WhatsApp account.
Additionally, the attacker will use it to access the device. Later, the cybercriminal will now be able to gain access to the owner's account. You can no longer access it once a two-factor authentication is installed on it.
To avoid this type of WhatsApp scam, the best thing that you can do is to lock down your profile on the platform. We also advise you to utilize the 2FA mechanism so you can stay protected online.
This solution will inform you if there are unsolicited messages or calls that want to invade your account. In this way, your confidential information online will be protected from hackers.
Meanwhile, BBC reported that almost £16,000 or $20,000 was scammed by a woman in the United Kingdom. According to the authorities, the WhatsApp hacker pretended to be her daughter. All of the messages sent to her were too good to be true.
When her daughter did not greet her back good night, that's the time that she assumed that something was entirely wrong with her kid.
This article is owned by Tech Times
Written by Joseph Henry