TechVertu > Blog > Cybersecurity > Protect Yourself from the WhatsApp Hijack Scam!

Protect Yourself from the WhatsApp Hijack Scam!

‍With more than two billion active monthly users around the world, WhatsApp is by far the most popular messaging app. Unfortunately, since its creation 12 years ago, the app has been no stranger to convincing scams and SMS phishing attacks.

What is the WhatsApp hijack scam? 

The scam itself is fairly simple and unfortunately has been around for years. When you first install WhatsApp on a new device, the platform will then ask for the phone number of the account. When you enter the phone number, you will then receive a text message giving you a one-time code.

Once the correct code is entered, the phone will begin to receive WhatsApp messages. With this hack, in particular, the attacker uses an already hijacked account to contact a victim’s friend/family. In their message, the attacker commonly tells the victim’s contact that they are having issues receiving a six-digit code, and as a result had it sent to them instead and to please send it back.

That six-digit code is the WhatsApp verification code for the new victim, and by sending it to their friend/family they are sending it to the attacker. Once done, their own WhatsApp is hijacked!

Read More: 16 Tips for Improving Your Business Cybersecurity

What do the scammers do with stolen accounts?

The hijacker can message your friends/family and pretend to be you with your stolen account. A common trick is pretending that you are having a crisis and asking your contacts to send money. It also gives the hijacker your contacts’ phone numbers, so they have the opportunity to continue to try the six-digit code trick with new victims. By hijacking your account, the scammer will also remain in any group chats that you are included in, where they could potentially see sensitive information.

How can you protect yourself?

According to WhatsApp, users must remain vigilant and not share the One Time Password (OTP) or SMS security code Users must remain vigilant and under no circumstances share the One Time Password or SMS security code with anybody. For extra protection, users can also enable two-step verification to ensure complete safety. Finally, users must contact their friends or family members if they have received any suspicious messages on WhatsApp. WhatsApp has asked users to report any messages received from an unknown number in a guide you can view on their website.

anything else?

Lets Talk!

If you have additional comments or questions about this article, you can share them in this section.

Your email address will not be published. Required fields are marked *

Scroll to Top