This is how they can steal WhatsApp from us: why they want it and how to protect themselves | Your Technology | The country
“Hello, dad, I have lost my cell phone and it writes to you from this new number. Can you send me money? I’m in a hurry”. This is how the well-known son-in-distress scam begins, which continues to circulate on mobile phones in Spain and, beyond money, one of the loot that the attackers are after is the owner’s WhatsApp account. The most popular messaging application in the world continues to be the main target of cyberattacks, reaching almost 90% of the total, according to a study published by the computer security company Kaspersky.
Why WhatsApp? “If you get a WhatsApp account, you have credible access to the entire spectrum of friends, family and co-workers,” explains Fernando Suárez, president of the General Council of Computer Engineering Colleges, and this credibility can trigger a request for money, personal data “or even photos, which are then used to extort the victim.”
The son in distress scam, on many occasions, is used to request a delivery of money through Bizum, PayPal or even a bank transfer. This technique takes advantage of the vulnerability of a parent who takes for granted a presumed emergency situation of their child and proceeds to pay without hesitation. Although this technique is initially used from a third-party line, it becomes more truthful and credible if the message comes from the sender’s own WhatsApp account.
And the thing is that, once they have control of the account, the attackers can write from it to the victim’s contacts openly requesting money, as in the aforementioned scam, or more personal information that can then be used to extort the account holder. The sophistication of the attackers even extends to the use of voice synthesizers to emulate the tone of the owner in order to send audios: “Cybercriminals use the compromised account to request money transfers from the victim’s contacts, even using artificial intelligence technologies to imitate the voice of the victim,” reports Kaspersky.
In the same way, whoever has control of the account has access to graphic material and videos, both received and sent, which can then be used as coercion to request money.
What is the attack on the account like?
The first thing to be clear about is that WhatsApp, like the rest of the messaging platforms, has a two-factor verification system. That is, you need to have a temporary code (known as symbolic), which is sent to the mobile phone registered in the account to access it. This is experienced by those who buy new terminals, when they try to configure WhatsApp on the newly purchased mobile phone. A cyber attacker may know the victim’s phone number — the numbers are available on the dark network or dedicated forums, due to leaks and vulnerabilities—but it lacks the aforementioned symbolic to be able to take control of the account.
Therefore, when the attack is carried out, the victim will first receive an official WhatsApp SMS with the temporary code mentioned, and this is where everything happens very quickly. Immediately, the hackers will contact the victim posing as a friend or family member, indicating that, by mistake, they entered their phone number and need that received code. If the victim tells you this, along with the additional security code, you will have lost control of the account and the attack will have been completed.
What to do to protect your account
As usually happens in other attacks that use identity fraud, hackers use the human factor, which is the weakest link in the entire protection chain. To reinforce it, experts recommend adopting the following measures:
- Distrust requests by message. “It is important to remain alert and distrust any message that requests personal information or click on links, even if it appears to come from a known contact,” recommends the multinational Kaspersky. Attacks are increasingly preferred and it is easy to let our guard down when we believe that it is a family member or friend who is writing to us. Suárez refers to this, who speaks of a “previous will of the victim” to warn that “no one receives a code on their mobile phone if they have not requested it before.” Likewise, you should never click on a link if you are not 100% sure of its origin.
- Contact the sender by another means. Cyber attackers often try to trick their victims by posing as family or friends; If this happens, a good solution is to contact them by another means – a phone call may be enough – to verify if this communication is real or not.
- Activate two-step verification. WhatsApp includes an extensive list of security recommendations to protect your account as much as possible. Among them, it is essential to make sure you have two-step verification activated (within the app itself, in Settings > Account > Two-Step Verification). When activated, the platform asks to create a six-digit PIN and, in case the user forgets it, gives the option to add an email account to recover it.
- Use anti-malware and have the device updated. The use of antivirus on mobile phones has always been a source of controversy, especially on the iPhone, but it represents an additional layer of security to detect the virus. malware: works by analyzing and detecting links that may arrive through WhatsApp. Keeping both the WhatsApp application and the phone’s operating system updated also ensures that the latest vulnerabilities are addressed.
You can follow EL PAÍS Technology is Facebook and x or sign up here to receive our weekly newsletter.