Hackers Are Using Personal Messages On WhatsApp To Attack
Are you a WhatsApp user? If so, be aware that hackers have worked out a means of hijacking a user's WhatsApp account and gaining access to a user's contact list and personal messages.
The attack relies on mobile carriers' automated service to forward calls to different phone numbers, which is a service every major mobile carrier offers.
Unfortunately, it can be exploited by hackers by tricking users into forwarding their calls to a number that the hackers control. So when WhatsApp sends a one-time password (OTP) verification via voice call, the hackers wind up with the code.
Rahul Sasi is the CEO and founder of CloudSEK which is a digital risk protection company.
Sasi had this to say about the attack:
"First, you receive a call from the attacker who will convince you to make a call to the following number **67* or *405*. Within a few minutes, your WhatsApp would be logged out, and the attackers would get complete control of your account."
Once the hackers have tricked a user into forwarding their calls, they initiate the WhatsApp registration process on their device, naturally choosing the option to receive the OTP via voice call.
There are a few caveats here, and this methodology is by no means fool proof. For example, the victim does get a text message stating that his/her WhatsApp account is being registered on another device. When there's a lot going on that's easy to miss, but an observant user won't.
Also, if call forwarding has already been activated on the victim's device, then the attacker must use a different phone number than the one used for the redirection. This usually won't stop a determined attacker, but it will take a bit more social engineering and moxie to pull off.
The bottom line is, if you're a WhatsApp user, someone may try this on you. So be on the alert for it.
At Dallas Network Services, we work with a large variety of businesses based in Dallas and Fort Worth (DFW) and the surrounding area such as Addison, Plano, Carrollton, Denton, Richardson, Garland and beyond. We also extend our reach outside the area to include all Texas and other states. We provide on premise server support including Microsoft Exchange as well as Cloud computing services and hosted solutions. We specialize project services, network support, desktop support and voice over IP (VoIP) business phones. Our fully managed IT services will improve your business reliability as well as your bottom line. Contact us today at www.dallasnetworkservices.com chat or call 214-696-6630. #DNS#dallasnetworkservices#techsupport#hacker#cybersecurity#MSP