apcid_banner

A.P C.I.D, Cyber Crimes Alert on WhatsApp Account Hijack Scam

A.P C.I.D, Cyber Crimes Alert on WhatsApp Account Hijack Scam- issued by Ministry of Home Affairs.

Modus Operandi:

  • The attacker creates a fake account with the official WhatsApp logo as their display picture posting to be WhatsApp technical team’s account.
  • The attacker then sends a message to the target asking him/her to share the six-digit verification PIN to verify their identity.
  • The target is easily tricked when they see the message coming from an account appearing to be the official team account and share the PIN.
  • In reality, the attacker is trying to login from his/her device into target’s WhatsApp user account to hijack the account.
  • When a user tries to log into WhatsApp account from a new device, a six-digit verification Pin is sent to the user. The attacker tries to obtain this PIN from the attacker, the account gets hijacked.
  • The attackers can then leverage their access to the hijacked account to further send fraudulent messages to friends and family of the target.

Suggestions:

  • Immediately re-verify WhatsApp account, if PIN has been shared with anyone.
  • Never share verification codes sent by Social Media platforms with anyone.
  • It is advisable to activate ‘two-step verification’ for social media accounts, wherever possible. This will enhance your account security and even if the attacker gets access to verification code, a password will still be required to successfully log into the account.
  • Never respond to personal messages asking for PIN or any other sensitive personal information. Social media Apps do not send such messages.

 

 

 

 

Go Back