There has been an increasing number of reports of WhatsApp account hacks, and a remedy has become paramount to safeguard users’ interests.
Cases have been reported globally at an alarming rate, which caused Ghana’s Cyber Security Authority (CSA) to react to this since the country’s citizens are affected. According to the CSA, as of April 2024, 187 reports had been filed, the same as the total number of reports for 2023.
Read also: WhatsApp now enables longer status voice notes
Techniques hackers use to dupe WhatsApp users
These breaches result from victims being duped into giving hackers their WhatsApp verification codes.
They could pose as group administrators of WhatsApp platforms, of which the eventual victim is a member. They then craft convincing messages to get their targets to reveal their verification code. Some techniques include asking the victim to share the code that will be sent to them and informing them via text message that an update is being made to their group platforms.
They request the victim share the security code sent to them over the phone to prevent their account from being hacked.
They notify the victim that they have received a mobile money transfer and that to access the funds, they need to disclose the code sent by the offender.
They could post URLs in WhatsApp groups and instruct group members to click on them so they can update their details by sending the code that will be sent to them.
The victim’s account is compromised as soon as the code is shared, allowing unauthorised users to take over the account.
Next, the scammers assume the victims’ identities and deceive their connections.
These criminals occasionally commit Subscriber Identity Module (SIM) Swap fraud, in which they pose as the intended victim to a mobile network provider to obtain a new SIM card. They may also obtain one-time passwords (OTPs) and mobile wallets, causing the victim to lose the capacity to communicate thoroughly.
Victims share their experiences
Adeyemi Oluwatosin, a political activist from Nigeria, shared with a Techpression correspondent how he joined a political platform on Facebook where members were asked to drop their Whatsapp numbers to be added to the political Whatsapp platform. On dropping his WhatsApp number, he received a call telling him that if he wanted to be added to the WhatsApp group, he should call out the verification cold sent to him. Tosin innocently sent the verification code to the scammer, and that’s how he lost his Whatsapp account.
Oluwatosin’s experience was not an isolated case. Still from Nigeria, the FCT Chairman of Africa Action Congress (AAC), Agena Robert Ande, also shared his experience of how his Whatsapp account was hacked through a link he clicked on one of the Whatsapp groups he is in. After taking over his Whatsapp account, the hackers started calling all his contacts to seek financial favour.
He said, “It was so terrible that the WhatsApp groups I created were all hijacked. The hackers, first of all, restricted everyone from sending messages. They were the only people who could drop a message, and there was no way anybody could reply to them. Afterwards, they started sending messages to every member of the platform and my contacts, asking people to lend them money under the pretence that I was the one.”
People are more frequently becoming victims of social engineering schemes and giving away their Whatsapp verification credentials to malevolent parties, which allows them to access accounts without authorisation and even take control of them.
Read also: WhatsApp gets new look with updated designs
How to secure your Whatsapp account
The way forward is how to prevent this and secure one’s account with the following guidelines:
Never divulge your verification code to third parties; handle it like a password and keep it private.
Turn on two-step verification to secure your Whatsapp account further. Select Whatsapp > Settings > Account > Two-step verification > Enable to activate it. When you do this, Whatsapp will ask you to generate a six-digit Personal Identification Number (PIN), which you will need to enter on occasion and each time you register your phone number. This PIN should be kept private.
Watch out for fraudulent downloads or links from unidentified sources.
Check the legitimacy of messages received from unknown numbers.
Create awareness by informing friends and family: Give them this information, especially those who need to know more about internet scams.
Leave a Reply