admin
Tom Muleya Fraud Insight
Cyber criminals are daily recognising the vast potential of cyberspace, and exploiting network vulnerabilities for monetary gain.
A new Whatsapp scam is out which enables criminals to hack into Whatsapp accounts with just one OTP message.
Econet Wireless Services should be applauded for continued awareness campaigns through alerts to their customers.
Here is one of their alerts; “Be alert! Mobile phone hacking via Whatsapp and SMS is increasing. Verify all suspicious messages requesting your personal information before responding”.
Since many people (school children, students, individuals, and corporate business) are in possession of some smart phones allowing for fast internet connectivity, mobile scams will definitely increase to unprecedented levels.
Now let us look at how this cyber evil, “Whatsapp Hacking” is perpetrated.
Whatsapp hacking is a mobile scam that allows criminals to lock user’s account and access messages.
This new form of fraud begins when the user receives a text message with a six-digit number on their phone.
This text message supposedly comes from the Whatsapp platform. The hacker poses as a friend or one of the contacts asking them to send a 6-digit code that they receive in their inbox.
The code is a confirmation that Whatsapp sends to all its users if someone tries to sign in from a different device.
The message goes like this; “Hello! Sorry, I mistakenly sent you a 6-digit code by sms. Can you transfer it to me please! It is urgent!”
The moment the targeted user responds, and sends that code, the account is hacked. The hacker gains access into account and obtains the personal information, and then uses it to commit fraud.
Whatsapp scams are sophisticated like any other internet scams but can however be minimised or prevented if users choose to follow measures that can guarantee their security. Below are some of the things one can do in order to avoid falling prey.
• Whatsapp users must act responsibly. To act responsibly entails exhibiting proper and sensible behaviour when using Whatsapp. Users must avoid being complacent but act thoughtfully in handling messages that comes on mobile phones or Whatsapp platforms. The very thought that Whatsapp platforms are home to good and bad things is the first or primary line of defence against these scams.
• Whatsapp users must activate a “two-step verification” process. This entails that as soon as the suspicious message is received, purporting to be coming from a friend or one of the contacts asking for a six-digit code, the user should first contact the friend in question to confirm whether it is indeed them who sent the message. The user should however do the confirmation from another application other than Whatsapp (because it is already intervened) to confirm the identity, and only then should the code be shared, best if it is shared over a voice call. Any six-digit code sent without prior confirmation will result in being hacked.
• Whatsapp users must immediately switch off the mobile phone and or delete any suspicious message. Mobile phones are mischievously known for erroneously sending messages even to wrong destinations. Hence switching off the phone and or deleting the message will prevent accidental sending of six-digit code to the hacker.
• Whatsapp users must take total control of their mobile phones and secure passwords. Some people don’t protect their passwords and like their mobile phones playing in the hands of other people. Such actions will result in other people responding to six-digit code request without even informing the mobile phone owner.
Get empowered by Fraud Insight and prevent or minimise Whatsapp fraud scams. Watch out for the next issue as we look at some other forms of hacking.
For your feedback, WhatsApp line: 0772 764 043, or e-mail:[email protected]. Tom Muleya is a Detective Assistant Inspector working under the Criminal Investigations Department. Harare.
Online Reporter