WhatsApp: it will happen to you if you do not agree to their new rules 1:05
(Spanish CNN) – Cyber attacks have been a constant for years. In Latin America, this is no exception. From January to September 2020, 1.3 million ransomware attack attempts were recorded in the region, with Brazil and Mexico topping the list, according to cybersecurity firm Kaspersky.
“According to our data, 55% of computers in the region still use Windows 7 and 5% Windows XP (systems that no longer receive technical support and are therefore more vulnerable to attacks),” comments Santiago Pontiroli, security analyst at Kasperksy, in a report.
On top of that, the rate of pirated software is 66%, almost double the global average rate of 35%, which leads to a much higher state of vulnerability, Pontiroli adds.
WhatsApp, target of cyber attacks
Although nearly 70% of these attacks target businesses, according to Kasperspky, everyday users remain exposed in different ways.
Concern for users remains latent because in the cybersecurity trends for 2021 are the hijacking of WhatsApp accounts, which is the main messaging application in 112 countries, including all of Latin America, according to a compilation of data carried out. by software publisher Zendesk.
“Today (accounts are hijacked) using social engineering (to request) the verification code received by SMS”, thus taking control of the account, ”details Karspersky’s report on IT security trends for the current year.
“In the near future, it will be even more attractive to fraudsters for WhatsApp Pay”, as unauthorized purchases could be made by the victim, he added.
Most common attacks on WhatsApp
In an interview with CNN, Dmitry Bestuzhev, director of Kaspersky’s global research and analysis team in Latin America, explained that in the previous case, the attacker was trying to register the victim’s phone number on WhatsApp, which receives a verification code by SMS.
The attacker then contacts the victim and regularly tells him that he has won something but needs the verification code to confirm his identity and thus award him the prize.
“With this code, (the attacker) places it on another device where he registers WhatsApp and with that he gets control of the account,” Bestuzhev said.
“From that moment, the attacker immediately activates two-step authentication and the victim will be left without WhatsApp,” he added.
WhatsApp: Here’s What You Need To Know About The Changes To Their Privacy Policies 3:43
It is one of the most common ways to attack WhatsApp. But there is a second that is also observed on numerous occasions, according to the Kaspersky executive.
“Another way to hijack the account is to clone the row. Here it is on the desktop version of WhatsApp. Remember that to activate it you need the QR code.
“The victim is told to scan a QR code for whatever reason (prices, a hoax that WhatsApp improves security and you have to scan the code so you don’t miss a line).
“The person with their cell phone can scan this code which they can have anywhere they want (on a web page, send it to the victim’s email). The victim scans it and the session will be cloned, ”with which they can spy on all of its content, says Bestuzhev.
The risks are great. This is why the need to protect your WhatsApp account is increasing. Here we give you four tips to help you do it easily.
This is how Facebook makes money with WhatsApp 0:34
Tips to protect your WhatsApp account
1. Two-step verification
“Turn on two-step verification and provide an email address if you forget the PIN,” says Paloma Szerman, public policy manager for WhatsApp for Latin America, in an interview with CNN.
What is it about? You have to go to your account, then go to the “Settings” menu, then click on “Account” and there you will see “Two-step verification”.
You will need to choose a six-digit PIN code. You will be asked for this each time you want to save your number on a new device, in addition to the SMS verification code.
After entering your PIN code, WhatsApp will ask you for an email in case you forget the six digits and need to restore them.
Bestuzhev points out that the ideal would be to have the possibility to put a complex password instead of a PIN code, but that this two-step verification is essential, coupled with a good password so that your email is protected from this aspect.
2. Don’t fall for the QR trap
If someone asks you to give a written code or scan a QR code, there is a good chance that it is a fraud, explains the Kaspersky manager. “You never have to pass this code on or talk to anyone verbally,” he adds.
In this regard, Bestuzhev mentions that secure QR code scanners should be used.
“Before opening a file, (this scanner) tells you what it is and gives you the reputation of that link, if it’s malicious or suspicious, and it won’t take automatic action to open the page.” », He explains.
3. Do not share codes and be careful who you share the phone with
It is WhatsApp’s policy that you should never share the registration code (the one sent to you via text message when registering your account) or the two-step verification PIN code with other people.
“We always tell our users to never share their WhatsApp verification code with anyone, not even their family or friends, as this could cause someone to access their account,” Szerman explains.
Along with this, it is essential that you have a clear understanding of who can and who cannot access your physical phone as this will help you reduce risk.
“Be careful who has physical access to the phone. If someone physically accesses the user’s phone, they can use their WhatsApp account without their permission, ”he adds.
4. Advanced security options
Bestuzhev says these options won’t save your account from potential theft, but they add extra security steps for privacy concerns.
Regarding this problem, Szerman comments that the advanced security options in the case of WhatsApp are two-step verification and biometric recognition.
The first one, you know how to activate it. In case two, you need to go to the “Settings” section of your phone. It depends on the brand, but normally you should go to the option “Security and privacy” then “Application blocking”.
Once here, you will be able to determine a security PIN code that you will be asked for in the apps you decide to block and you can also set up a secret question to reset the PIN code in case you forget it.
“These are settings that won’t necessarily save your line, but privacy is still good,” Bestuzhev concludes.
–
