Thanks to LANCELOT DIGITAL
What they are trying to do with mobiles is not hacking, but identity theft
Thousands of Lanzaroteans are suffering a widespread attack on their mobile phones aimed at taking over their WhatsApp accounts and contact lists. As the Civil Guard warns, however, it is not a hack, because the attackers are not trying to access users' bank details; it is identity theft.
The modus operandi of those behind it is as follows: the user receives a WhatsApp message, sent from a person on their own contact list, requesting a six-digit verification code that has previously arrived on the phone. Because the request comes from a known contact, most people tend to trust it.
According to the complaints received by the Civil Guard, users receive a message through WhatsApp that says “Hello, I’m sorry, I sent you a 6-digit code by SMS by mistake, can you pass it to my phone, please? It is urgent”.
The method behind this possible identity theft, according to the Civil Guard, is that “the attacker, once the application is installed on a device of his property”, enters the telephone number of the possible victim. Then, “the system sends an SMS message to that number, with a verification code that must be entered in the application to verify that it is the correct user and finish the installation.”
The attacker, posing as “an acquaintance of the victim, whom he had previously impersonated or whose account he had taken control of, sends him a message asking him to forward an SMS with a numerical code that he needs and that he would have sent by mistake”.
The SMS that the attacker requests from the victim is the message sent by the app with the verification code for installing the application. If the victim provides it, “the attacker obtains control of the account on his device and with it access to all the groups to which the victim belongs, as well as access to all his contacts,” explains the Civil Guard.
In addition, the Civil Guard links to the recommendations of the Internet Security Office (OSI) in case you have already forwarded the code. As stated by the OSI, you should try to contact WhatsApp administrators to recover your account and notify your contacts of what happened so that they do not fall for the scam.
If you suspect that your WhatsApp account has been stolen, you should notify your family and friends that someone could impersonate you in your individual and group chats. WhatsApp also clarifies that its conversations are end-to-end encrypted and that the chats are stored on the phones themselves, so anyone who accesses the account from another device cannot read past conversations.
Two-step verification to avoid attacks
The Civil Guard recalls that “the best-known messaging applications integrate various security systems to avoid as much as possible being victims of this type of situation”, such as two-step verification, which is “an optional function that adds more security to the account, so that any verification attempt must be accompanied by a PIN number, previously created by the user and known only to him.” The Civil Guard urges the use of two-step verification.
In this way, we manage to add an extra layer of protection to the application: if someone tries to access it, we will have a second way to authenticate our identity other than by SMS. In the link we will tell you about this process.
How do you recover the account if it has been stolen?
WhatsApp explains on its website that you have to register in the application and verify the number by entering the six-digit verification code that you receive by SMS. Verifying a phone number on WhatsApp is explained in the following video:
Once you enter the six-digit code received by SMS, the session of the person who has access to your account will be automatically closed.
You may also be asked to enter a two-step verification code. If you don’t know that code, the person with access to your account may have activated two-step verification. In that case, you must wait seven days to verify your number. However, regardless of whether the attacker has activated this option, their session will be closed as soon as the six-digit code received by SMS is entered.
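The registration, two-step verification and recovery behaviour described above can be followed in a small simulation. This is an added example, not WhatsApp code: the Service class, the phone number and the PINs are constructed, and closing the old session on every correct SMS code is an assumption taken from what the article states for recovery.

```python
import secrets
WAIT_DAYS = 7  # wait the article gives when the two-step PIN is unknown
NUMBER = "+34 600 000 000"  # constructed phone number

class Service:
    """Constructed toy model: SMS registration plus optional two-step PIN."""
    def __init__(self):
        self.sms = {}        # number -> code most recently sent by SMS
        self.session = {}    # number -> device currently holding the account
        self.pin = {}        # number -> two-step PIN, if enabled
        self.wait_from = {}  # number -> day the SMS code was first entered without the PIN

    def request_code(self, number):
        # Anyone can type the number in; the SMS reaches only the SIM owner.
        self.sms[number] = f"{secrets.randbelow(10**6):06d}"
        return self.sms[number]  # stands in for the SMS on the owner's phone

    def register(self, number, device, code, pin=None, day=0):
        if self.sms.get(number) is None or self.sms[number] != code:
            return "rejected"
        del self.sms[number]            # single-use code (model assumption)
        self.session.pop(number, None)  # a correct code closes the old session
        if number in self.pin and pin != self.pin[number]:
            if day - self.wait_from.setdefault(number, day) < WAIT_DAYS:
                return "pin required"
            del self.pin[number]        # wait served: number verifies without PIN
        self.wait_from.pop(number, None)
        self.session[number] = device
        return "registered"

def relay_scam(victim_has_pin):
    """The victim forwards the SMS code the attacker triggered for NUMBER."""
    svc = Service()
    svc.session[NUMBER] = "victim-phone"
    if victim_has_pin:
        svc.pin[NUMBER] = "271828"      # PIN known only to the victim
    # The code returned here is the one the victim is talked into forwarding.
    result = svc.register(NUMBER, "attacker-phone", svc.request_code(NUMBER))
    return result, svc.session.get(NUMBER) == "attacker-phone"

def recovery(attacker_set_pin):
    """The victim re-registers after a takeover, on day 0 and again on day 7."""
    svc = Service()
    svc.session[NUMBER] = "attacker-phone"
    if attacker_set_pin:
        svc.pin[NUMBER] = "314159"      # PIN the victim does not know
    first = svc.register(NUMBER, "victim-phone", svc.request_code(NUMBER), day=0)
    holder_after_first = svc.session.get(NUMBER)
    later = svc.register(NUMBER, "victim-phone", svc.request_code(NUMBER), day=7)
    return first, holder_after_first, later
```

Without a PIN the forwarded code alone hands over the account; with one, the same code is not enough. In the recovery case the attacker's session ends on day 0 even when the victim still has to wait for the PIN to lapse.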