Have you ever received a message from any of your contacts that reads something like this; “Hello, I’m having trouble and asked WhatsApp to send you my sms code”?
Well, if you have received such from a friend, his/her line had most likely been hacked, and the hackers were trying to do same to yours.
recent research conducted in Australia showed that in 2019 alone, Australians have lost almost $90 million. The figures rose by 62% during the period the COVID-19 lockdown lasted, with one in every 6 social media user falling victim.
According to the research conducted by software security provider, NortonLifeLock, this was common across WhatsApp, TikTok and Instagram, getting even more young people who considered themselves too smart to be scanned.
How is this possible?
WhatsApp is a messaging application linked to your mobile phone number. The app is designed to be used on one device at a time, with an advanced end-to-end encryption that only allows sender and receiver to see the messages.
Any attempt to log in from another device requires a 6-digit verification code that only the owner of the sim card has access to.
When the hacker tries to access your WhatsApp account from another device, the app prompts for the 6-digit verification code.
Now, this is where you have to be alert. The hackers will try to get the six-digit verification code by any means.
They could claim to be calling for any reason, and then request the code to verify that you really own the sim card. Or they could claim that you are the beneficiary of some windfall, and they need the code to confirm.
The sad part of it is that as soon as you fall victim, all your contacts become potential victims as well, because they now utilise the access to send a WhatsApp message to them.
The message could also be asking them for their verification code, personal or financial details, or it could start out as romance or online dating where the victim is roped into believing that he is in some sort of romantic tryst.
Worse still ask them to make payment for some product or service they would never receive, or offer juicy deals where they claim to double the victim’s supposed investment.
Quick tip here; Never make payment, or give out a loan to any contact based on a WhatsApp message. No matter how stranded the person claims to be; insist on a voice or video call before sending money into any account.
Personal details, pins and codes should be a no-no. Any verification code, token or pin sent to your sim card is not meant to be divulged to anyone else. Giving it out allows the hackers to impersonate you.
So what if you discover you have been deceived into giving out your details?
Quickly try to change your passwords and deactivate all online transactions on your accounts. If you can reach your bank, place a hold on transactions of any kind and freeze your cards. This authorises your bank to disregard any request to move out funds from your account, until you say otherwise.
This can only work if you discover really fast, but as advised, it is a situation best avoided.
What to look out for?
According to Cybersecurity expert Mark Gorrie, the first red flag to look out for is “spelling mistakes or poor grammar”. Fortunately, the scammers are not that ‘smart’ and they make errors which they keep sending to their potential victims repeatedly.
Once you find that your contact (friend or client) is sending you a message containing spelling errors, don’t ignore it. Place a call across and find out what is going on. Scammers almost never take such calls and if they do, you will figure out that you have the wrong person.
Another thing to beware of is generic greetings or URLs that don’t match the company in the message. Often, such urls could take you to sites where you are then asked to fill in personal and sensitive data.
Importantly, if the offer looks too good to be true, it most likely is.