WhatsApp-Based Cybercrime
How do Scammers operate?
1. The victim would either receive a call from an unknown number message from a friend (whose social media account may have been compromised) requesting the victim to share a one-time password (OTP) (usually a 6-digit
verification code) sent to the victim’s number as a text message.
2. The scammers apply social engineering, typically creating a sense of emergency
and requesting for the OTP which was sent to the victim. The victim would thereafter
lose access to the account after providing the scammers with the verification code.
3. The scammers, after gaining access to the victim’s account then target persons
and groups on the victim’s contact list as the next potential victims. Through this,
the scammers would impersonate the victim’s friends and promote other
fraudulent activities or solicit funds.
4. The scammers’ request would be on the pretext of helping them to join online groups such as work or school groups or
sign up and claim prizes for fake lucky draws allegedly conducted or joined.
How to secure your account
Never share your activation code with anyone and activate the two-step verification for a safer experience.
How you can do it.
3. Enter a six-digit PIN of your choice and confirm it.
4. Provide a valid email address you have access to or tap Skip.
Note: Providing the email address is recommended. Otherwise, if you forget your PIN, you will have to wait 7 days before you can reset it.
5. Tap Next.
6. Confirm the email address and tap Save or Done.
What To Do If Your WhatsApp Account gets Hacked?
Notify Your Contacts
Report to WhatsApp
Don’t Logout and Log Back In If You’re Receiving Verification Codes
How to recover a hacked WhatsApp account from scammers
1. Log out of your WhatsApp messenger and log in again using your phone number
2. Enter the code the six-digit code sent to your phone number via SMS. This will automatically log out of the scammer.
3. If you are asked to provide a two-step verification code, even though you did not set up one, it means the individual using your account must have activated a two-step verification code.
Since you do not have the code, it means you have to wait 7 days again before you can sign in without the two-step verification code.
Remember the scammer cannot continue any chat with your contacts and they cannot even get access to your WhatsApp account during this period.
The scammer will log out immediately after you logged in with the 6-digit SMS code.
General Recommendations
The following measures are recommended to prevent online scams:
▪ Never share your social media application account verification codes with anyone.
▪ Protect all your social media application accounts by enabling the ‘Two-Step Verification’ or ‘Two-Factor authentication (2FA)’ feature.
▪ Be aware of who has physical access to your phone. If someone has physical access to your phone, they can use your account without your permission.
▪ Do NOT be impulsive - Beware of unusual requests from strangers or even your social media contacts.
▪ Do NOT believe - Be wary of claims that you have won a prize, especially if you have not participated in any campaign or lucky draw. Check official websites to determine whether the lucky draw offers are legitimate. Always verify the authenticity of the request by contacting your friend, but do not do so through the social media platform as the account might have been taken over .by scammers
▪ Do NOT give - Do not transfer money or give out your personal information, bank account or credit/debit card details, and One-Time Password (OTP) to anyone, including family and friends.
▪ If you are contacted by anyone claiming to have images and/or videos of you of an intimate nature requesting payment in exchange for not releasing them to the public, report it immediately to the CSA’s Cybersecurity/Cybercrime Incident
Reporting Points of Contact for guidance. Do NOT make any payments.
Comments
Post a Comment