WhatsApp Phishing Campaign Alert
TT-CSIRT has been made aware of an ongoing WhatsApp phishing campaign targeting users. Attackers are impersonating known contacts to trick victims into compromising their accounts.
Methods of Attack:
- Deceptive Message: Victims receive messages from seemingly legitimate contacts, often requesting a favor or vote. This message may look like the following: “Blessings hope all is well with you. Can you do me a favour please? I need your vote as a brand ambassador.”
- MFA Code Phishing: The victim is prompted to share a verification code received via SMS or WhatsApp. This code is used to authenticate the user’s identity and grant the attacker access to the account.
- Account Takeover: Once compromised, the attacker converts the account to a business profile.
- Secondary Phishing Attacks: The attacker leverages the compromised account to launch further phishing attacks on the victim’s contacts.
TT-CSIRT urges the public to continue reporting these cyber-crime incidents to the TTPS Cyber-crime and Social Media Unit using the information at the following link: https://ttcsirt.gov.tt/ttps-cyber-crime-unit/
About stolen WhatsApp accounts
You should never share your WhatsApp SMS verification code with others, not even friends or family. If you’re tricked into sharing your code and lose access to your WhatsApp account, read the instructions below to recover your account.
If you suspect someone else is using your WhatsApp account, you should notify family and friends as this individual could impersonate you in chats and groups. Please note, WhatsApp is end-to-end encrypted and messages are stored on your device, so someone accessing your account on another device can’t read your past conversations.
How to recover your account
Sign into WhatsApp with your phone number and verify your phone number by entering the 6-digit code you receive via SMS. Learn more about verifying your phone number in our Help Center: Android | iPhone.
Once you enter the 6-digit SMS code, the individual using your account is automatically logged out.
You may also be asked to provide a two-step verification code. If you don’t know this code, the individual using your account may have enabled two-step verification. You must wait 7 days before you can sign in without the two-step verification code. Regardless of whether you know this verification code, the other individual was logged out of your account once you entered the 6-digit SMS code. Learn more about two-step verification in this article.
Note
- If you have access to your account and suspect someone is using your account via WhatsApp Web/Desktop, we recommend that you log out of all computers from your phone.
- To protect your account, WhatsApp will notify you when someone tries to register a WhatsApp account with your phone number. Learn more in this article.
- Be aware of the phone number of any contact sending you links or requesting information. Ensure the number matches that of the contact the sender claims to be.
Resources
- For more account security tips read our Account Security Tips article.
- If your phone is lost or stolen, see the article Lost and stolen phones.
- If you received a verification code without requesting it, read this article.
Source: https://faq.whatsapp.com/general/account-and-profile/stolen-accounts/?lang=en