WhatsApp: Trick so that your account is not stolen in the app

Unfortunately, cybercriminals take advantage of the naivete of users to provide essential information about the app And that is why we will let you know step by step how you can prevent your account from being stolen.

The truth is that WhatsApp is one of the most widely used instant messaging applications today, which is why they are an attractive temptation for cybercriminals to dare to steal these types of accounts, largely thanks to the amount of information that is sends and receives through the service owned by the Meta firm.

To achieve this, cybercriminals use various attacks through the application of Messenger service, such as deceptive chains where a prize is promised, or seeking to steal users’ accounts to take advantage of their personal information.

As you may remember, on other occasions we have told you about hoaxes that are carried out by means of the supposed verification of ads, the invitation to a party or VIP event, and the cloning of accounts after stealing the profile photo of the victims.

However, until now, the best way to avoid these scams was the activation of the two-step verification, where the user creates a personal password that is requested at the time of installation of the application.

However, this resource eventually became popular, but not for its intended purpose, as Kaspersky analysts discovered a scheme that, through the use of social engineering and a request to the application support area, circumvents this protection.

It should be noted that the fraud begins with a call to the victim, where the criminals pose as representatives of a health institution and ask to conduct a survey on Covid-19.

At the end of the questions, the fraudster asks the victim to share the code that will be sent to his cell phone to register his participation in the survey and prevent the institution from calling him again.

The entire staging has a clear objective: to make the victim share the six-number code that is sent via SMS, which is actually the code that WhatsApp sends to activate the application on a new phone.

And it is as well as if the victim does not pay attention to the message and delivers the code, their account could be stolen.

The novelty of the scam arises when the criminal finds that the victim’s account has double authentication enabled.

When this happens, the fraudster calls the victim again, but this time impersonating the messaging app’s support team on the pretext that malicious activity has been identified on the account.

If you do not realize that they are actually trying to deceive you and send the code that came to you via SMS, the first thing you will see is a supposed confirmation message in which you make sure that your account is already up to date.

However, just a few seconds later, you will see an alert explaining that your WhatsApp account is no longer linked to that device.