While social media platforms like Facebook are battling a massive data breach, popular messaging platform WhatsApp is the victim of a notorious scam. Hackers are trying to hold user accounts hostage. What’s more, they are using trusted contacts, such as a family member or a friend’s accounts, to hack into WhatsApp accounts? So today, we want to highlight this new kind of WhatsApp scam so be aware if you witness similar activity on your user account.

New WhatsApp Hacking Scam

Discovered by writer and speaker Alexis Conran (tweet), a new WhatsApp scam is currently spreading on the platform, and it hacks user accounts using their contacts. Confused? Well, let me clear it out for you.

How Does It Work?

Here is how the new WhatsApp scam works. First, you will receive an SMS stating a random log-in OTP from WhatsApp. Now, if you did not know, WhatsApp does not use passwords or PINs for user logins. Instead, it sends a One Time Password (OTP) to the users’ phone numbers to identify them.

So, you might think that your account must have logged out somehow and the random WhatsApp code must be your new login OTP. However, when you open your WhatsApp account, you will find a new message from a friend or a relative asking for a code.

Now, this is a crucial point as most people, especially the elderly, will send them the code as the message came from a familiar contact. However, it is not actually your friend or family member who texted you. It was the hacker who has already taken your contact’s account hostage. So, once you send them the code, your account will be hacked too!

Whatsapp scam hacks user accounts using their contacts

This sounds pretty dangerous and people who are uninitiated might fall prey to this very easily. Moreover, by the looks of the specimen SMS (image above) shared by Conran, it seems pretty legit.

How to Prevent this Scam?

Share the word with as many people as you can. If you fall in a similar situation, do not send the OTP to your contact right away. First, call your contact’s phone number and inform them about the scam. Moreover, as soon as your contact logs back into their WhatsApp account, it will automatically kick out the hacker.

To prevent such hacks in the future, you can turn on two-factor authentication (2FA) on WhatsApp. This will require an additional 6-digit PIN to log in to your WhatsApp account on your device. Furthermore, citing the massive Facebook data-leak recently and the falling popularity of WhatsApp due to its controversial privacy policy, you can also delete your WhatsApp account and shift to its alternatives.

VIAGizChina

1 COMMENT

LEAVE A REPLY