Malicious Actors Are Using Voice Call OTPs to Take Over WhatsApp Accounts

Your WhatsApp account likely contains some of the most personal and private information that you would have because of the fact that this is the sort of thing that could potentially end up allowing you to communicate safely. The instant messaging platform has some solid encryption protocols that guarantee much of this safety, so many users feel confident that there is nothing to fear in terms of losing access to this precious account.

With all of that having been said and now out of the way, it is important to note that some malicious actors have been stealing WhatsApp accounts by automating call forward for OTPs that users receive via voice call. CloudSEK CEO Rahul Sasi spoke out about this new method for illicitly gaining access to WhatsApp accounts, since there are only minor hurdles that any accomplished hacker can quite easily overcome with all things having been considered and taken into account.

Malicious actors combine social engineering as well as knowledge of their target’s personal phone number to conduct these attacks. Hackers will call this number and convince the prospective victim to call what appears to be an official WhatsApp number complete with a Man Machine Interface Code. The code might look legitimate, but in spite of the fact that this is the case it is a completely fraudulent number that belongs to the malicious actors themselves.

If someone were to call this number, they would get immediately logged out of their account and the hackers will get all of their log in details as well as the OTP that they need to verify two factor authentication. Victims might try to call the number, but all official calls from WhatsApp will get redirected to the malicious actor’s number instead. Oftentimes they set up two factor authentication with their own phone numbers to lock their victims out of their accounts.

This reveals the importance of being extremely cautious with such things. Malicious actors are continuing to invent new and unique ways to lock you out of your accounts, and even your WhatsApp account might not be safe.

Read next: WhatsApp tests a status reply indicator icon and another cover display option particularly for Business community
Previous Post Next Post