This is how they are stealing WhatsApp accounts

This is how they are stealing WhatsApp accounts

 WhatsApp is one of the most used applications in the world. In US and other countries it is unrivaled and thousands of people use it daily for their personal and professional communications. For that reason, there is so much interest in locating its vulnerabilities or attacking its users. However, in this case it is not so technical and it is more related to social engineering. Throughout the year they have warned us several times and now they are giving us a touch again about the type of cyber attack that steals the WhatsApp account .

During the pandemic, cyberattacks have proliferated due to the increase in teleworking and purchases over the Internet. Criminals have targeted apps like TikTok and then Zoom, but they have never lost sight of WhatsApp. In fact, in recent weeks a new type of cyber attack has been spreading that appropriates the WhatsApp account to its victims.

The simple, but effective attack against WhatsApp

Basically, they manage to fool the user by impersonating one of their WhatsApp contacts , which eliminates any kind of suspicion. As we are going to see, this is not new, but various peaks of activity have been detected throughout the year and right now we are in one of those peak moments of criminal activity to steal WhatsApp accounts.

Basically, someone who was posing as our contact (or not) sent us a message like this:

“Hello, sorry, I sent you a 6-digit code by SMS by mistake, can you please pass it on to me? it is urgent"

Next, we received a WhatsApp message with a 6-digit code , this totally true. The problem is that if we give that code to someone else, they can finish registering our WhatsApp account on their mobile phone. With this, you gain control of the account on your device and access to messages and contacts.

WhatsApp explains it to us on its website: “Never share your WhatsApp verification code with other people. If someone is trying to take over your account, to do so, they will need the verification code that was sent by SMS message to your phone. Without that code, no user who tries to verify your number will be able to complete the verification process and use the number on WhatsApp. This means that you remain in control of your WhatsApp account ”.

However that request comes to us, we should never give those six numbers to anyone, whatever the pretext you put. If you tell us that you have made a mistake, nothing prevents you from starting the process from zero and entering the number correctly, although in this case, it is a deception as simple as it is effective.

How to protect ourselves from this account theft

Luckily, this account theft doesn't work “if we don't collaborate”. That is, if we don't give that 6-digit number to someone else, they won't be able to do anything to us. However, you should take some security measures. In this case, we are not referring to privacy measures such as hiding the last WhatsApp connection , they are other types of recommendations.

The most important is to enable two-step authentication . For it:

  1. Open WhatsApp Settings.
  2. Touch Account> 2-Step Verification> Activate.
  3. Enter a six-digit PIN and confirm it.
  4. Provide an email address that you have access to, or tap Skip if you don't want to add this address. We recommend adding an email address as this allows you to reset 2-Step Verification and helps protect your account.
  5. Tap Next.
  6. Confirm the email address and tap Save or OK.

With that, they will not only have to get the 6-digit number, but also this PIN to be able to steal our account. Therefore, if we have two-step verification activated, it will be almost impossible for our account to be stolen, at least with this method.

Post a Comment