WhatsAppone of the most popular messaging apps on the planet, is one of the favorite “vehicles” used by IT criminals to perpetrate their scams, trying to steal the personal data of users or blackmail them. Although scams on this platform are not new, hackers use increasingly sophisticated and difficult to recognize methods. The deception methods have changed, evolving from the “classic” phishing to more complex techniques, such as the Theft of the WhatsApp account combined with social hacking. In the latter case, the scammers manipulate the personal relationships of potential victims to obtain sensitive information, taking advantage, for example, the account stolen from a friend or a relative to indulge us to provide private data (such as credit card information) or click on dangerous links. To defend yourself, it is essential to always keep your eyes open and never let your guard down, especially when strange requests are made, even if they seem to come from their contacts.
How the theft of the account on WhatsApp: Social Hacking works
One of the most common scams is the one concerning the Theft of the WhatsApp accounta crime that can happen in a few steps. How does it all happen? Massimiliano Donapresident of theNational Consumer Unionexplains:
One of the most common methods is the sending of an SMS with a verification code, followed by a message on WhatsApp apparently coming from a trusted contact asking to forward that code. Following the instructions, the hacker is provided to access to their account, which will be immediately seized. From there, the scammer will begin to turn to all our contacts, continuing the scam chain.
The danger inherent in this particular attack also lies in the fact that, having taken possession of an account, he can use it to contact his family and friends, thus perpetrating the social hackingperhaps to extort money or to steal other WhatsApp accounts.
In some cases social hacking is perpetrated for spread fake news. One of the longest on the Meta messaging platform is that relating to alleged payment of WhatsApp. For years he has been circulating a message that states that the app will become paid, but only if you do not share a certain message with other users. Of course, it is a fake news: WhatsApp is free and it will remain. A variant of this deception, decidedly more dangerous, invites the user to download an unofficial version of the apppromising additional features. But as Dona himself explains, “By clicking on the link you install a virus that can steal data and damage the phone».
No less dangerous are the Links that promise discounts or gifts. They often come through messages from acquaintances, inviting us to participate in surveys or to take advantage of “incredible offers”. By clicking on these links, however, there is a risk of installing malware or being involved in another scam. Another danger concerns the charity chains Which, in bare mind, try to collect money for false causes. In these cases, the funds never go to the beneficiary organizations that are mentioned in the messages, but end up straight in the scam pockets.
How to defend yourself from WhatsApp scams based on social hacking and identity theft
For Defend yourself from WhatsApp scams based on social hacking and identity theft It is essential to learn to recognize them. In this regard, Dona explains:
There is an alarm bell that helps us to recognize if we find ourselves in front of a scam and it is the language: often fraudulent messages do not start from Italy, but from foreign countries. Although automatic translators have improved a lot, messages often contain grammatical errors or use unusual expressions. If you notice something strange in the text of the message, do not ignore it: always take a moment to reflect before clicking on a link or providing any information. Hurry is often a bad adviser. Ask a friend, look for online or, better yet, contact the person who wrote to you using another means of communication to verify the truthfulness of the message.
And if you want to sleep, we are reasonably quiet, we also suggest you make use of the security tools available on WhatsApplike the Check in two stepswhich can be activated by the section Settings> Account> Check in two steps of the messaging app.