The cybersecurity company ESET raised alarms about a new viral scam which has as protagonist WhatsApp. The attack detected in the last hours seeks steal users’ account by sending a fraudulent SMS.
The cybercriminals behind the threat they pretend to be WhatsApp technical support and they contact the user through an SMS message to inform them that their phone number, the one linked to this service, was registered in a new account.
Next, and to verify that the person they are contacting is the owner of the account, the digital criminals ask you to resend them a security code consisting of six digits that you will receive via SMS.
If the victim sends the six-digit code to verify your identity you will have completely lost control over your WhatsApp account and cybercriminals will be able to log in with your phone number. Basically, they will be able to steal the account and impersonating the victim.
The fraudulent message that can reach your WhatsApp application. Photo: ESET screenshot.
Recommendations to not lose your WhatsApp account
ESET urges the users of this application to be alert for the possible reception of this type of SMS. If you see the message in your inbox, they advise you to delete it immediately “in order to avoid a security breach.”
Other information to keep in mind: you should never lose sight of your phone or device. Therefore, specialists advise deactivating the preview of your SMS messages. This may sound obvious, but many people prefer to have active to look at the messages more quickly. The consequence of a third party agreeing to view the code can be fatal.
ESET researchers recall that it is impossible for the potential victim’s number to be used to register a new account, since WhatsApp only allows you to have one account per registered phone number.
How to set up 2-Step Verification
Two-step verification on WhatsApp.
On the other hand, the courier service has a key safety feature To avoid this type of virtual scams: the verification in two steps, which is usually used to protect email accounts and social networks.
With the application open, you will have to go to Settings> Account>check in two steps and click Activate. Then, you will enter a six digit code which will be the key to protect our account.
When enabling two-step verification, WhatsApp will request a six-digit PIN.
Then you will need to enter the email address as additional security layer.
Finally, WhatsApp will have the two-step verification confirmation set on the phone, which means further complicate the chance that someone can hijack the account or transfer all messages to another device.
The user will only need to enter a recovery email to complete the two-step verification process.
You just have to keep in mind that after enabling two-step verification, WhatsApp will ask every so often and randomly that you enter your PIN. Of course, it will not be every time the application is entered, so it should not be an inconvenience and it will keep the privacy of the data safe.