Whatsapp

Handling Post Cyber Attacks on different social media platform

1. WhatsApp

i)                            Fake messages

·  Simple message such as a message from a manager or employee asking to purchase gift cards on an urgent basis as they are in an important meeting.

·      Fake Job Scam

·  Scammers often craft fake job messages designed to fool users into disclose personal information. These fake messages can be alarmingly convincing, asking you to input credentials or verify account details.

·  You give details and you are hacked.

·  How to Prevent falling for such scams?

·  Do not reply to any messages from suspicious numbers offering Jobs or any other type of offers. It is advised to block such numbers right away.

·  Do not download any app that seems suspicious or that an unknown individual suggests.

ii)                        Missed voice and video calls from various Country codes.

·  Answering or returning these calls can result in such attacks.

·  Attackers send a message to the target claiming that they have dialled the wrong number or expressing urgency to communicate about an important matter.

·  They may pose as a friend, a family member, or even a representative from a trusted organization.

·  The message often includes a request to share a code or personal details, such as account credentials or financial information.

·  The scammer preys on the target’s curiosity or concern, hoping that they will unknowingly provide the requested information.

·  The attackers gain unauthorized access to their WhatsApp account, using it for malicious purposes like spreading spam, scamming contacts, or extracting more sensitive details.

·  How to Prevent falling for such scams?

·  If the person is claiming to be any of your trusted individuals call back and verify their identity before sharing any information.

·  Do not make any transaction without verification if it’s request over a message.

iii)                    Two-Step Verification Scam

·  Attackers set up two-step verification on the victim’s account. The user might be locked out of their account for days, losing control over their data.

·  The victim receives messages from a suspicious number that contains a code.

·  The unknown number will apologize for sending their Verification code to your number and press you to share the code.

·  Once you share the code your account will be taken over by the attacker.

·  How to Prevent falling for such scams?

·  WhatsApp sends these codes as push notifications when you register your phone number on the app. This could happen if someone mistyped your number or is trying to take over your account. 

·  If you get a text message with an unexpected code, delete it. Block any WhatsApp user that asks you to send them a code or PIN. Finally, turn on two-step verification if you receive multiple one-time codes out of the blue.

iv)                    Account Impersonation / Hacked Account

·  The most common scam at this time is WhatsApp impersonation, where the attacker pretends to be someone you know or trust. This can be your parents, friends, or mostly colleagues of the company you work at or even the CEO of a company.

·      In this type of attack, attackers gather information on the CEO or the target they are going to impersonate via LinkedIn or any other social media.

·      The attackers then use their names and pictures and send messages to the victim.

·      The messages will be well crafted and will have a sense of emergency to make the victim ignore to fact-check such messages.

·       Mostly these messages will have financial gains or personal information leaks and have a high rate of success as they appear from a trusted source.

·      How to Prevent falling for such scams?

·  WhatsApp sends these codes as push notifications when you register your phone number on the app. This could happen if someone mistyped your number or is trying to take over your account. 

·  If you get a text message with an unexpected code, delete it. Block any WhatsApp user that asks you to send them a code or PIN. Finally, turn on two-step verification if you receive multiple one-time codes out of the blue. 

Overall ways to Protecting Yourself from WhatsApp Scams.

1. Call to Confirm

·  Always be wary of any message that induces panic, offers unrealistic deals, or asks for personal information.

·  Unusual urgency or pressure is often a sign of such an attempt.

·  Always call and verify who is on the other side before sharing any information.

2. Be wary of urgent money requests

·  Scammers always cause of sense of emergency on money requests.

·  Always question urgent requests for money.

3. Report to WhatsApp

·  Report any suspicious activity to WhatsApp right away.

·  They can work on shutting down these fraudulent accounts and ensure other users are not impacted.

4. Never answer a WhatsApp call from an Unknown Number

·  Attackers call random users from mobile numbers obtained from possible data leaks using international numbers to pose fake job offers etc.

·  It is suggestion not to attend any unknown call over WhatsApp and block such numbers immediately.

5. Change WhatsApp privacy settings

·  Change your privacy settings to view your last seen, profile picture, and to only contacts or nobody.

6. Set up 2FA

·  Two-factor authentication helps to improve the security of any online account, not just your WhatsApp account.

·  What’s app 2FA is particularly useful, as it occasionally frequently asks your second password even when what’s app is open and in use by you. Thus, it secures WhatsApp account, if phone is lost or misplaced.

·  Setting up this ensures an additional layer of protection when you log into an app. A one-time code is sent to your phone, email, or authentication app before you can log in to WhatsApp.