Beware of WhatsApp Verification Code Attacks that Steal Payments


The National Cyber Security Centre (NCSC) of Ireland has warned about a growing trend of WhatsApp verification code scams targeting users.

These scams are not only compromising personal accounts but are also being used to steal payments and sensitive information. Here’s what you need to know to protect yourself.

EHA

How the Scam Works

The scam begins with the attacker obtaining the victim’s phone number. They then enter this number into WhatsApp’s login screen, triggering the app to send a verification code to the victim’s phone.

Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN -14-day free trial

The scammer, posing as a trusted contact, contacts the victim via WhatsApp, claiming urgency and requesting the verification code.

This impersonation is possible because the scammer has already compromised the account of someone the victim knows.

Beware of WhatsApp Verification Code Attacks that Steal Payments
Fake WhatsApp Verification Code

Once the victim shares the verification code, the scammer can access their WhatsApp account. This access can lock the victim out, further spread the scam, or exploit the victim’s contacts.

The consequences can be severe, leading to additional security breaches and potential financial or personal losses.

Protecting Yourself from Scammers

To safeguard against these scams, the NCSC recommends several precautionary measures:

  1. Keep Your Verification Code Private: Treat your WhatsApp verification code like a secure password. It should never be shared with anyone. Remember, WhatsApp will never request this code directly.
  2. Activate Two-Step Verification: To enhance your account security, enable two-step verification. This feature requires a PIN and a verification code and adds an extra layer of protection. You can activate it in WhatsApp settings under Account > Two-step verification.
  3. Be Cautious of Urgent Requests: Even if a message appears from someone you know, be wary of urgent requests for money or sensitive information. Always confirm their identity through a phone call or another trusted method.
  4. Report and Block Suspicious Activity: If you receive suspicious messages or encounter questionable accounts, report them within WhatsApp. Press and hold the message, select “Report,” and follow the on-screen instructions.

If you suspect your account has been compromised, contact WhatsApp support immediately at [email protected]. The NCSC emphasizes the importance of staying vigilant and informed to protect against these evolving cyber threats. 

Protect Your Business with Cynet Managed All-in-One Cybersecurity Platform – Try Free Trial



Source link