Each WhatsApp account is tied to a phone number. Attackers are calling those numbers directly and using social engineering to trick victims into handing over their WhatsApp accounts, and the victims often have no reason to suspect that the calls are anything but legitimate.
Rahul Sasi, founder and CEO of CloudSEK, a cybersecurity AI firm, recently drew attention to a social engineering attack that targets WhatsApp accounts and abuses phone call forwarding.
How they do it
The attacker calls the victim and persuades them to dial a number. That number is really an MMI code, which usually starts with an asterisk or a hash symbol. As per the publication, these codes are easy to find, and most major mobile network operators support them.
Dialling this code forwards all future calls to a number the attacker controls. From there the process is easy for the attacker: they start the WhatsApp registration process on their own device, choose to receive the OTP via a voice call, and that call is forwarded to them.
Putting the idea to the test, BleepingComputer found that it generally works, although with a few caveats. First, the attacker needs to trick the victim into using an MMI code that forwards all calls, not just those that arrive while the line is busy.
Then, they need to keep the victim busy long enough to miss the text message informing them that their WhatsApp account is being registered on another device.
If the victim's phone already has call forwarding enabled, the attacker falls back on the same social engineering techniques to get a different forwarding number set.
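To make the caveat about unconditional versus busy-only forwarding concrete, here is an added example, written for this article and not code from CloudSEK, BleepingComputer or WhatsApp. It parses standard GSM/3GPP MMI call-forwarding strings and rates whether a dialled code would divert a voice-OTP call to the forwarding target. It assumes the 3GPP TS 22.030 service codes (21, 67, 61, 62, 002, 004) and the `**`/`*`/`#`/`##`/`*#` procedure prefixes; carrier-specific short codes are not standardised and are not modelled, and the sample strings and phone numbers are constructed.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Call-forwarding supplementary-service codes from 3GPP TS 22.030 (GSM MMI).
# Carrier-specific short codes are not standardised and are not modelled here.
FORWARDING_SERVICE_CODES = {
    "21": "unconditional",     # CFU: every incoming call is forwarded
    "67": "busy",              # CFB: forwarded only while the line is busy
    "61": "no_reply",          # CFNRy: forwarded when the call is not answered
    "62": "not_reachable",     # CFNRc: forwarded when the phone is off/out of coverage
    "002": "all",              # all call forwarding (CFU plus the conditional ones)
    "004": "all_conditional",  # CFB + CFNRy + CFNRc
}

# Procedure prefixes: what the dialled string does to the service.
ACTIONS = {
    "**": "register",     # store a forward-to number and activate
    "*": "activate",
    "#": "deactivate",
    "##": "erase",
    "*#": "interrogate",
}

MMI_RE = re.compile(
    r"^(?P<prefix>\*\*|\*#|##|\*|#)"   # procedure (order matters: longest first)
    r"(?P<sc>\d{2,3})"                  # service code
    r"(?:\*(?P<target>\+?\d{3,15}))?"   # optional forward-to number
    r"(?:\*(?P<bs>\d{1,2}))?"           # optional basic-service code
    r"#$"
)


@dataclass
class MmiVerdict:
    action: str
    condition: Optional[str]  # None when the code is not a forwarding code
    target: Optional[str]
    risk: str                 # "high", "medium" or "none"


def classify_mmi(dialed: str) -> Optional[MmiVerdict]:
    """Parse a dialled MMI string and rate how useful it is for OTP hijacking.

    Returns None if the string is not MMI syntax at all.
    """
    m = MMI_RE.match(dialed.replace(" ", ""))
    if not m:
        return None
    action = ACTIONS[m.group("prefix")]
    condition = FORWARDING_SERVICE_CODES.get(m.group("sc"))
    target = m.group("target")

    if condition is None:
        # Some other supplementary service, e.g. *#06# (IMEI display).
        return MmiVerdict(action, None, target, "none")
    if action in ("deactivate", "erase", "interrogate"):
        return MmiVerdict(action, condition, target, "none")
    if condition in ("unconditional", "all"):
        # Every call, including a WhatsApp voice-OTP call, goes to the target.
        return MmiVerdict(action, condition, target, "high")
    # Conditional forwarding: the attacker must also keep the line busy/unanswered.
    return MmiVerdict(action, condition, target, "medium")


def otp_call_reaches_target(dialed: str, victim_busy: bool) -> bool:
    """Model whether a voice-OTP call to the victim lands on the forwarded number."""
    v = classify_mmi(dialed)
    if v is None or v.condition is None or v.action not in ("register", "activate"):
        return False
    if v.condition in ("unconditional", "all"):
        return True
    if v.condition in ("busy", "all_conditional"):
        return victim_busy
    return False  # no_reply / not_reachable depend on conditions not modelled here


if __name__ == "__main__":
    # Constructed sample strings; the phone number is a placeholder.
    for code in ("**21*+15550100123#", "**67*+15550100123#", "##21#", "*#06#"):
        print(code, classify_mmi(code))
    print(otp_call_reaches_target("**67*+15550100123#", victim_busy=False))
```

The `medium` verdict for code 67 is exactly the BleepingComputer caveat: a busy-only forward only diverts the OTP call if the attacker also manages to keep the victim's line busy at that moment, whereas code 21 diverts every call regardless.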
Two-step verification adds a PIN that WhatsApp asks for when your number is registered on a new device, so a forwarded OTP on its own is not enough to take over the account. To enable it, follow these steps:
- Open WhatsApp settings
- Tap Account > Two-step verification > Enable
- Enter a 6-digit PIN and confirm it.
- Provide an email address in case you ever need to reset the PIN.
- Tap Next, then confirm the email address.
- Tap Save or Done.