In a cyberattack, it is usually the one who gets hacked who stands to bear the biggest loss. But in this case, hackers are using an old trick in the book to con the victim's friends and family and probably drain their bank accounts. The very nature of the attack is scary and the possibilities are endless.
The Telegraph reported on this dangerous form of social hacking, in which hackers steal people's WhatsApp accounts by using already hijacked Facebook, Instagram or Telegram accounts to contact victims while posing as their family, friends or known associates.
The hack you will fall for
Social hacking is an old trick in the book, but it works effectively because it relies on a personal connection. The bad actors are not executing a remote hack; they simply pretend to be having difficulty getting into their WhatsApp account. Once the victims believe this, the miscreants trick them into handing over their WhatsApp security verification code, a unique set of numbers required when setting up a WhatsApp account on a new device.
Once the victim hands over the code, the hackers activate the WhatsApp account on their own phone, then start reaching out to the victim's friends and family to ask for money or their bank account credentials.
These are tough times as the world is fighting the novel coronavirus disease. During such sensitive times, people are often looking for ways to help out one another, and hackers might use this to their advantage.
You probably wouldn't turn down a friend or a family member if they asked for a financial favour, would you? Except there's a strong possibility that hackers are posing as your relative to make some quick cash, extract personal information, and so on.
What should you do?
If you're always checking your WhatsApp, you won't have to worry about it. You will know if you've fallen victim to this hack because you will be logged out. If so, quickly log back in to your account and, if possible, notify your friends and family about it if they were contacted.
Users must always enable two-factor authentication wherever possible. In the case of WhatsApp, you can do so by going to Settings > Account > Two-step Verification. This way, you will be verified using a six-digit PIN whenever a device is changed.