Cybercriminals impersonate a relative or acquaintance to request the six-digit password sent by the messaging application to verify an account and thus be able to usurp it.
The latest scam of the WhatsApp messaging application is a clear case of ‘phishing’ in which family and friends are used . Known as ‘ the 6 number scam ‘, scammers looking to take over your WhatsApp account write from someone’s number on your contact list so you don’t get suspicious.
It is a very effective method because, once someone is impersonated , it is much easier to follow the chain and get the accounts of all their contacts.
The way is relatively simple: when you try to start your WhatsApp ‘app’ on a new mobile phone , the messaging application sends a 6-number code to verify that you are the owner of that WhatsApp account. The cybercriminals are served this verification method to log the phone number of the victim , which is receiving a real – SMS WhatsApp with your verification code .
Almost instantaneously, the data thief , who already has the account of your partner, your father or your boss, tells you from the account of your close friend that he has sent you this code “by mistake”, and that resend it. As it is someone in your circle, you do not suspect and you do it, with which you lose control of your account and the attackers can access all your WhatsApp information .
When hackers manage to take over your account, the only option left is to request another verification code and insert it immediately. If that doesn’t work, the only thing to do is contact WhatsApp and inform them of the account theft. This will block access to the cyber scammer. The messaging application itself tells how to recover the account on its FAQ page .
However, if the ‘hacker’ has activated the ‘two-step verification’ option, the account will be locked and cannot be recovered until a week has passed .
At the same time, an email should be sent to all possible contacts warning that your WhatsApp account has been stolen and including the supplanted phone number.
The spoofing of WhatsApp accounts began to be detected last summer . About a month ago, this type of robbery was activated again. The deputy inspector Sergi Martínez, from the Technical Area of Proximity and Citizen Security of the Mossos (atprox) , recommends that users activate the option of ‘two-step verification’ from the ‘settings’ tab of the application.
In this way, hackers will not be able to enter the account if they do not have the 6-digit PIN code that has been activated.