There is a new WhatsApp attack going around. This one is closer to you than you think because it has nothing to do with nation state
There is a new WhatsApp attack going around. This one is closer to you than you think because it has nothing to do with nation state cyberattacks and everything to do with social hacking.
This week a friend in a chat warned the rest of us that her WhatsApp account had been hacked. She asked us not to give away any six-digit codes. Attackers had gained access to her account and captured the phone numbers of everyone in the chat. How it works: once they had my phone number, they could do a new registration of WhatsApp. To complete it, they would need the verification code that WhatsApp sends to my phone via SMS. How would they get that code? Easy, they had hacked my friend’s account so I would simply receive a WhatsApp from my friend (at least I thought it was from my friend) asking me for the code. Obviously, since I trust my friend, I would send her the code and voilà… my WhatsApp would now be hacked. And the process would be repeated with my contacts and so on.
This can be easily prevented by adding another level of security: the “Two-Step Verification” feature. With this, the attackers need the code sent via SMS plus a six-digit pin that only you know. So even if you make the mistake of resending the SMS, they can’t complete the registration.
Activate your WhatsApp “Two-Step Verification” now. It takes less than a minute to set up. Here’s how:
Then enter a memorable six-digit pin:
Now any time someone tries to register your phone number with WhatsApp they will be asked a) for a code that will arrive via SMS to confirm the phone number AND b) the six-digit PIN that only YOU have.