WhatsApp is one of the most popular chatting apps on the planet and it is no stranger to different kinds of scams. Now a new fraud has surfaced which is able to take over your WhatsApp account through a simple call.
It was reported by the CEO of cyber security firm CloudSEK, Rahul Sasi. He says that victims of this WhatsApp exploit receive a phone call from an attacker who convinces them to call the following number “**67*<10 digit number> or *405*<10 digit number>”. Within minutes of calling, your WhatsApp account is logged out and the hacker gains complete control.
How it Works
Sasi goes on to explain what actually happens behind the scenes. He says the number the attacker makes you dial is, in fact, a call forwarding request for either Jio or Airtel, two of India’s popular cellular service providers. The attacker is simply tricking you into forwarding your call to a number they own.
Once the call is forwarded, the attacker activates WhatsApp’s account registration process for your phone number and chooses the option to receive the One Time Password (OTP) via phone call. But since your phone is engaged, the OTP is forwarded to the hacker’s phone, letting him breach your account.
The fraud is prevalent in India, but it works globally since every country and service provider has a similar service request number.
We advise our readers to beware of any suspicious calls or messages received on WhatsApp. It is better to not engage with such calls or messages whatsoever and warn others if you receive something similar.