WhatsApp has become one of the favorite means of cybercriminals to commit crimes. The techniques are varied. From posing as a brand that is giving away something to alleged calls by the health authorities to confirm registration for the covid-19 vaccine. But now a new deception campaign has emerged that aims to steal your account.
As you must surely remember, a few weeks ago the new terms of service policy for the messaging app came into force. This caused a lot of controversy around the world because many people, and even governments, saw the update as a privacy risk for users. Facebook had initially warned that it would send recurring messages to users who had not agreed to the terms by May 15, otherwise it would start restricting the service. He then noted that he would apply the changes, but would no longer limit features to those who didn't accept it.
The scam is precisely related to the WhatsApp update. Computer criminals are sending users a message stating that the app is not up to date and it is necessary to verify that it is in use to continue using it.
The message actually seems to come from the technical service of the app. The contact image is the company logo and appears to come from an automated system. The message explains that WhatsApp will send a six-digit verification code to the cell phone that must be shared if you want to continue using the service.
Indeed, a few seconds after receiving the alert via WhatsApp, an SMS arrives on the potential victim's cell phone with a code to confirm the account. In this case, the message is indeed sent by the company, so the user trusts that they are telling the truth and they have to send those six numbers.
The reality is that the criminal requested access to your WhatsApp account on another device. He only had to download the app and put his cell phone, the element he was missing was the verification code to be able to enter your chats and contacts.
If you don't realize that they are actually trying to trick you and you send the code that came to you via SMS, the first thing you will see is a supposed message confirmation in which it is ensured that your account is already updated. However, just a few seconds later, you will see an alert explaining that your WhatsApp account is no longer linked to that device.
To recover your profile, all you have to do is uninstall the app and download it again. Then follow the authentication process, enter your cell phone number and ask for the verification code. The bad news is that since this has just been requested and confirmed by someone else, you will have to wait around six hours, which is plenty of time for criminals to commit scams on your behalf.
Because of the above, you should also be very careful with the messages you receive from your contacts. And it is that criminals take advantage of the fact that they already have access to your groups and contacts and begin to send them messages in your name stating that you had an emergency, for example an accident, and you urgently need money.
Since people recognize the mobile number and profile data, many are willing to help and deposit money to the account they are told without suspecting that they are actually being scammed.
So the recommendation is, first, to ignore a message that supposedly comes to you from WhatsApp, since it is not the way they get in touch with their users, if you fall into the trap, try to notify as many people as possible you may have in your chat list. And, also, if you get to receive a message from one of your contacts asking you for money urgently, it is better that you check that it really is who they say they are through a call and other messaging apps.
Finally, we recommend that you tell your friends and family about this form of fraud so that they do not fall for it.