«I got hacked WhatsApp”. “Do not reply if you get messages from my Facebook”, most people have heard someone say one or both of these phrases. And it is that this activity has become one of the most common and profitable among cybercriminals these days.
Faced with this situation, the Dominican Popular Bank offers very important information on his blog so that people avoid being another victim of this type of fraud.
How does identity theft work through WhatsApp?
Recently, criminals have focused on two attack methods:
- access theft
- profile photo theft
You might be interested in reading: WhatsApp now allows video calls with up to 32 participants
Stole from access a WhatsApp
The attacker takes advantage of the installation process that only uses SMS to confirm ownership of the phone number.
If the victim’s WhatsApp does not have “Two-Step Verification” activated, which works as a confirmation code and is the only protection, the criminal will use social engineering to steal the SMS.
Stole from Photography from profile
This attack has two victims:
1. Someone who has been impersonated
2. Someone who will be robbed of money or information
This type of attack begins by stealing the profile photo of someone who does not have it protected (victim 1) and makes their acquaintances (victim 2) believe that they are talking to victim 1. In the next phase of the attack, the victims of the second group They receive messages asking for money, help or simply to forward messages via SMS or email, and thus steal access to another social network.
To protect against this attack, you must configure the “Privacy on WhatsApp”, so that the photo, information and states can only be seen by contacts.
How does identity theft work through Facebook?
The cybercriminal uses the functionality “Forgot your password?” (look below).
This allows that, with only the cybercriminal knowing the cell phone number, they can start the recovery process, which triggers an SMS text message or an email.
In the final step, the criminal tries to obtain the code by abusing the ingenuity or ignorance of the victim (social engineering), posing as someone they know who needs help, and requires the code in the email or SMS. To avoid falling victim to this scam, do not share the recovery code by any means, be it text messages, voice messages or calls.
Questions frequent:
For than a acquaintance requests the code?
Most of the time the code is requested by a person who pretends to be an “acquaintance” but is not, it is the criminal who has already taken over the contact account.
Than win the criminals with this?
They use the identity to talk to anyone in the affected circle and request bank transfers for a supposed “emergency.” The fraud cycle will continue, trying to steal the account of all contacts, requesting the code as if they were the victim. If a criminal manages to get sensitive information (financial, personal, passwords, among others), he will use it to extort or request money not to publish it.
How to avoid what happen?
If you already know how they do it, prepare the defense:
1. Do not provide the confirmation code that you receive through WhatsApp or any application such as Facebook, Instagram, among others.
2. Beware of requests for help in an emergency of a known assumption. Before making a bank transfer, verify that the beneficiary is a person you know through a call or video call.
3. Activate two-step authentication, for WhatsApp and others
applications like Facebook, Instagram, etc. With this, access to the account will only be possible through two authentication factors.
what to do if do you fall?
You can recover the account immediately by opening WhatsApp on the device and trying to sign in using the phone number. The confirmation code will arrive, which you will place in WhatsApp to access again.
In the event that the cybercriminal has activated the second authentication factor and cannot access, the account will be disabled for 7 days. You will not have access for this time and neither will the criminal.
If the criminal did not activate the second factor of authentication, you will have recovered the account.
You must notify contacts and family members that the account was stolen.
The bank indicates that in the event of any fraud or cybercriminal activity with a corporate phone, you must report it to the SOC (Security Operations Center) at infopop 6666 or send an email to [email protected]
“In the SOC there is a team of professionals that works 24 hours a day, 365 days a year, attending to cybersecurity incidents involving Grupo Popular employees,” he concludes.
For more details: https://www.popularenlinea.com/personas/Paginas/Home.aspx
