A new insidious scam threatens WhatsApp users and allows you to take possession of their accounts. The first attacks have been observed in India, but they could soon spread on a global scale, for this reason it is advisable to inform and not be unprepared.
The scam was first reported by expert Rahul Sasi, founder of the security company CloudSEk. Cybercriminals have successfully set up a scam that allows them to “hijack” WhatsApp user accounts using phone calls.
The principle is as simple as it is effective, criminals use the call forwarding service which allows users to hijack a call when their mobile user is busy. Attack is possible when the victim is convinced to dial a telephone number which in fact instructs the telephone operator to forward the calls to another user.
In the scheme identified by Sasi, the attackers contact the victims by telephone and with social engineering techniques require them to dial a telephone number consisting of strings ** 67 * and * 405 * followed by a 10-digit number representative of the number controlled by the striker. These number sequences instruct Indian telephone operators Jio and Airtel to enable the call forwarding feature.
Once this number has been dialed, phone calls and text messages sent to the victim’s number will be forwarded to the attacker’s number, without the victim noticing it, when she is engaged in another call. At this point the game is done, while the victim is engaged in another conversation, the attacker starts the process of registering the WhatsApp account associated with the number to the number of the victim. The OTP code to validate the operation will be forwarded to the attacker number previously set as the recipient of the call forwarding service.
Once the procedure is completed, the victim will no longer have access to their WhatsApp account.
Access to victims’ WhatsApp accounts exposes their privacy to serious risks, as well as to potential fraudulent and extortionate actions. Not infrequently, in fact, victims are the object of money requests from criminals to get back their hacked social accounts.The technique used in India could be used in countries where telephone operators allow you to activate forwarding. of calls by dialing a code followed by the number intended to receive the calls. It must be said that this method is very common internationally and also our telephone operators allow the forwarding of calls through codes such as:
* 21 * + destination phone number + #
*61* + destination phone number + #
For this reason, pay attention to any request to dial numbers with the structure shown above and which may reach us through any channel, including telephone calls.