A formidable scam has been rife for a while on WhatsApp. It allows hackers to seize your account and all the data associated through a message that seems to come… from WhatsApp itself!

A formidable scam has been rife for a while on WhatsApp. It allows hackers to seize your account and all the data associated through a message that seems to come… from WhatsApp itself!

With more than 2 billion users worldwide, WhatsApp is a target of choice for cybercriminals. Many crooks thus use the famous messaging to set up scams aimed at seizing personal data, hacking devices or, more simply, to extract money. Because if WhatsApp is renowned for its high level of security, there remains an impossible flaw to fill: you.

Thanks to social engineering techniques, cybercriminals are able to access your account. We think for example of the false security warning, or the six -digit fraudulent text. This time, with this new scam, the pirates send phishing sms with the same phone number as that which WhatsApp uses to send its confirmation codes, as thereported a user on Reddit.

The message actually seems to come from WhatsApp itself, since the device displays phishing messages under the official number of instant messaging, with real SMS messages sent previously. The mention “WhatsApp” indeed appears as a sender. This gives the message a certain authenticity: the alleged sender has already proven that he was trustworthy via past shipments.

The message obviously contains a link, which refers to a false WhatsApp page with a rather talkative chatbot. The latter “guides” the victim through the “verification process”, which is actually used to obtain access to the WhatsApp account. For this, the crooks take advantage of the coupling between the smartphone and the browser.

Indeed, each time you configure WhatsApp on a new device, instant messaging sends a text with a single -use code. Code that must be entered in the application to identify on the device in question. By entering this famous code under the instructions of the chatbot, the victim gives the crooks full access to the WhatsApp account. Thus, they can read all the messages and send them themselves under the name of the victim in order to obtain other personal data.

To avoid being fooled, you must activate the double factor identification by going to “parameters”, then “account”, then “verification in two steps”, and finally “activate”. This allows you to add an additional protective layer. It is also better to check in the WhatsApp menu, under “related devices”, which devices currently have access to the WhatsApp account and delete all those who are no longer actively used. In any case, you should never share the activation code of your account – the famous six -digit code. Finally, unwanted messages should not be answered, but blocking their sender. To do this, simply maintain the message bubble, select “report” and follow the instructions displayed.