WhatsApp 6-digit code scam: how it happens and how to protect yourself from profile theft

The latest idea from cybercriminals is one scam running on WhatsApp, the famous messaging application developed by Meta, often a “vehicle” of phishing attempts due to its popularity. What some cyber criminals are perpetrating lately is the so-called WhatsApp 6 digit code scam. It all starts by receiving a message from one of your contacts in your address book: «Hi, I sent you a code by mistake, could you send it back to me?», with the request to send the 6-digit code received from the platform. If you agree to the request, however, you will lose access to your account. To defend yourself, you must never agree to requests of this type, even when they come from contacts of trusted people who, in all likelihood, could in turn have fallen into the trap and lost access to their account, now at the mercy of scammers .

How the 6-digit code WhatsApp scam works

Let's look a little closer how does the 6 digit code WhatsApp scam work. If the victim, unaware of who is really behind the request, agrees and provides the hacker (or, better said, the cracker) with the 6-digit code, he will instantly lose access to his profile and the chats present in it. This because the code requested is the one relating to two-factor authenticationthe additional security measure that allows you to access an account only if you have a second “factor” in addition to the password and which, in many cases, consists of a 6-digit code.

Cybercriminals using this technique can also potentially prevent their victims from regaining their account if they change their username and/or phone number.

The scam takes advantage of the user's naivety who, upon receiving the aforementioned message from one of their contacts, could draw the conclusion that there is nothing dangerous behind the request. In reality, the person from whom the request comes was also deceived in the same way and this is what will happen to your account if you fall victim to the phishing attempt.

How to protect yourself from the 6-digit code WhatsApp scam

For defend yourself from the 6-digit code WhatsApp scamtherefore, it is very important do not reply to the suspicious message. The 6-digit WhatsApp two-factor authentication code it should never be shared with anyonefor no reason in the world!

If you have unfortunately fallen victim to this particular attack, you may want to try to remedy the situation attempting to log in to your account again and, once logged in, resetting the access code (to do this just go to Settings > Accounts > Two-Step Verification > Change PIN).

If you are unable to regain possession of the account, perhaps because the scammer has changed the telephone number associated with your profile in the meantime, you have no choice but to report the incident to the Postal Police (even with an online report), hoping that the police will be able to resolve the situation. Furthermore, to “break” the chain of fraud, you would do well to notify your contacts telling them to ignore WhatsApp messages coming from your account (clearly to do this you will have to use messaging systems other than WhatsApp).