Cyber frauds are commonplace and are all the more numerous the more popular the pool of users targeted by hackers. It is therefore not surprising that WhatsApp is one of the favorite targets, given its high popularity. The latest cyber threat affecting the popular messaging platform is the risk of losing control of your account after dialing a certain phone number.
ATTENTION TO SUSPECTED REQUESTS
A simple attack scheme – in some respects reminiscent of the one carried out through the request to send the OTP code – but also very effective if the victim falls into the trap.
- The attacker calls the victim and convinces them to dial one of the following two numbers:
** 67 * followed by a 10-digit number
* 405 * followed by a 10-digit number
- When the victim dials the number, he is disconnected from his account and the attacker has complete control over it
- Then the attacker starts asking the victim’s contacts for money
Rahul Sasi, founder and CEO of CloudSEk, a cybersecurity company, shed light on this latest scam implemented via Whatsapp. Sasi explains that the attacker:
Defraudes the victim’s WhatsApp contacts, even before the victim realizes that they have lost control of their account.
Specifically, those numbers activate call forwarding when the phone number is busy. The victim indicates an alternative number – in this specific case the one controlled by the hacker – to receive communications if the principal is busy. In the meantime, the hacker activates the registration process of the WhatsApp account linked to the main number of the victim; the process involves sending an OTP code; the code is sent to the alternate number while the victim is engaged in the conversation (i.e. while the main number is busy). This way the hacker can complete the registration process, disconnect the account from the victim’s device and start using it on their own.
— Rahul Sasi (@fb1h2s) May 23, 2022
Of course, the victim must cooperate, otherwise, the attack fails. And then you might be wondering what pushes those numbers to dial. The expert gives the interpretation of him: victims are used to making calls without hesitation because service providers around the world use numbers starting with “67” or “405”. In other words, the requests could seem completely legitimate because the numbers to access certain telephone services are often preceded by those numbers.
THE BEST DEFENSE IS PREVENTION, BUT IF THAT IS NOT ENOUGH…
Not responding to suspicious requests is the first step to avoiding falling into the trap set by hackers. It is also always worth remembering that access to the WhatsApp account should be protected by enabling two-step verification.
You can also always repeat the remedies already seen in the case of the OTP scam, that is: you can try to regain control of the account by asking for a new OTP code to be sent to your smartphone while repeating the registration procedure; or you can deactivate the account (the instructions can be consulted by connecting to this link) – after doing so, you can make a new registration. Other suggestions that are always valid concern the opportunity to inform your contacts and the Postal Police of the scam.