WhatsApp account thefts continue to be felt by some users who often share their bad experiences on social networks like Twitter and Reddit. But, after all, how is it possible to steal an account from this service?
The deception begins with authentication on WhatsApp. The user, to enter the respective account, needs a valid phone number – corresponding to an active SIM card – so that the service can send the SMS or authentication phone call.
Never share the verification code (6 digits)
This is the weak point, exploited by malicious minds. O 6 digit code sent by SMS, or call and even voicemail if said call is not answered, it is something secret and should never, under any circumstances, be shared.
It is a password as or more sensitive than the password. password Facebook, Twitter, or other social network. It is something private that must not leave the user’s own knowledge sphere. However, hackers have several ways to convince the victim to deliver this verification code, using mainly persuasion tactics.
Persuasion and manipulation to extort the verification code
As the publication points out WABetaInfo, hackers impersonate someone else, usually a relative or friend of the victim. They do so in order to win the victim’s trust, also appealing to the target’s goodwill.
Something as simple as “Hello, I need a favor from you, my smartphone is out of battery and I need to log into WhatsApp. Can I give your number to receive the SMS with my code? It’s fast and you don’t pay anything. You already received the code what do i need?
For those who use WhatsApp a lot, have several friends and family members using this platform and may not know the phone number of each contact, it is not at all impossible for some derivation of the above formulas to convince him.
The victim is made to think that you are simply helping a friend or family member, when, in fact, you’re handing control of your account over to a stranger. This is the most common attack vector among hackers to steal WhatsApp accounts.
The trend, according to the source, shows no signs of slowing down, with more victims accumulating. Once the hacker you have access to this verification code the control of the account passes to your sphere. The user is prevented from accessing it.
So unless you know exactly the number of the person who sends you such a request, ignore it. Nothing guarantees you that the other party has not put your number in the account recovery tools and is just waiting for the code.
Fake accounts are used for various purposes on WhatsApp
Another of the rising methodologies involves creating fake accounts – using virtual phone numbers. Something that mainly affects Brazil, but that is not unprecedented in Europe.
The user then creates a bubble of lies and contrivances in an attempt to convince the other party to “do him a favor” and tell him the 6-digit code so he can log into the account. Note, however, that the bait methods do not stop there.
- “Your WhatsApp account will expire within 2 days. Renewal is required by sending the code we now send via SMS “.
- “The WhatsApp team needs to verify that it is a human user. Send the 6-digit code through this chat with the code received via SMS”.
- “We detected suspicious activity on your account. Please confirm your identity with the verification code“.
Two-factor authentication is a good way to protect your WhatsApp account
To protect your WhatsApp account, we recommend enabling two-factor authentication. It is an additional layer of security for the user, but it should never, never, share the 6-digit code.
These are some examples cited by WABetaInfo, used to try to convince the unwary user. They are tricky to try to obtain this secret code. Finally, note that WhatsApp will never ask for the code, which is personal and non-transferable.
If they receive any communication from an account that is said to be WhatsApp and does not have a certification “visa”, it is a fake account.
It is possible to recover the WhatsApp account
The user can simply log back into WhatsApp by entering the credentials and waiting for the verification code. Once the Login successful, the remaining open sessions will be closed, leaving possible hackers out.
This procedure brings control of the account back to the legitimate account holder. However, if the other party (hacker) has enabled 2-step verification, they will have to wait at least 7 days before they can remove the applied 2FA.
Only then will they be able to do the Login and protect your WhatsApp account.
4gnews editors recommend:
*The article has been translated based on the content of https://4gnews.pt/conta-de-whatsapp-roubada/ by 4gnews.pt
. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article. If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!