A new scam is rampant on WhatsApp. Clearly, hackers are actively using a new way to bypass application security.
On WhatsApp, a scam allows hackers to take control of an account with a simple phone call. The alert was issued by Rahul Sasi. He is the founder and CEO of CloudSEk, a contextual AI startup that alerts about potential cyber threats or scams.
Full account takeover
According to the cyber-expert, it all starts with a call from hackers asking to dial numbers starting with “67” or “405”. If the victim carries out this request, he finds himself disconnected from his account. The hacker then has full control of their WhatsApp account. In short, the hacker asks the victim to make a call to a specific number. If the victim executes the request, the hacker can easily take control of the user’s account with a simple snap of his fingers.
“Once the hacker gets access to the account, he [se fait passer pour la victime] to request money from his contacts”, explains Rahul Sasi. Thus, “the criminal misuses the victim’s contacts even before the victim realizes that she has lost control of her account.
A relatively simple technique
“Although there are hundreds of scams out there, I want to highlight this one because of its simplicity. The simpler and shorter the trick, the more successful the scam”, insists the cyber-expert. In fact, the number the victims dial is a service request for “call forwarding”. Hackers can then redirect victims’ calls to a phone number that belongs to them. Concretely, the attackers start the process of registering for WhatsApp by choosing the “option to send OTP by phone call”. Following this procedure, the attacker’s phone receives the OTP, which will allow him to access the accounts of the victims. And “this method works globally because each country and service provider has an identical service request number”said Rahul Sasi.
To dodge the scam, the easiest technique is to avoid taking calls from unknown numbers or making calls to unknown numbers. An effective password and the activation of two-factor authentication on its accounts are also effective barriers against attacks.
_
Follow Geeko on Facebook, Youtube and Instagram so you don’t miss any news, tests and tips.
–