The innovation of social media has changed the way the world communicates. One of the most used platforms is WhatsApp, and its popularity has for years made it a target for cybercriminals seeking to hack accounts.
Using calls that pose as parcel companies or services requiring a code to confirm or reject a procedure, cybercriminals steal accounts and obtain sensitive information and contacts. The first minutes can therefore be essential to recovering the account, as can the level of security it has.
This essential tool of the digital world, where we interact through work, family and personal relationships, has become a vault of personal and confidential data, which makes it attractive to cybercriminals, highlights Eset.
Mario Micucci, Security Researcher from Eset, highlights that the theft of WhatsApp accounts does not occur mainly due to the technical “hacking” of the application, but rather due to taking control of the account through social engineering scams. The expert points out that, in the most common cases, cybercriminals get the victim to share the six-digit verification code that WhatsApp sends by SMS or call, actions that facilitate account theft.
Other methods include fraud through identity theft, fake support pages, number theft by SIM swapping and the use of devices compromised with malware or spyware, Micucci highlights, which makes the account and the information handled by the user vulnerable.
Marco Antonio To, director of the Master’s Degree in Cybersecurity at Galileo University, notes that another method used is the theft of sessions on shared devices or through malicious links, although he stresses that in most cases the user voluntarily provides the information.
Can a stolen or hacked account be recovered?
The experts consulted highlight that a series of simple steps must be followed for the recovery process.
Step by step for recovery
- Uninstall and install the application again.
- Register the account with the phone number and linked email.
- Enter the phone number in WhatsApp and request a new code by SMS or call.
- Correctly enter the received code so that the attacker’s session is automatically closed.
“Under normal conditions, the person can recover the account immediately by entering that code,” says Nery Alvizures, SISO at the Universidad del Valle de Guatemala. However, there are more complex situations in which criminals activate two-step verification, making the process difficult and forcing you to go directly to WhatsApp support.
To do this, the user must communicate with the platform, fill out forms and wait for a response in a period that varies between 24 hours and seven days, explains the expert.
Can the attacker change the account number or activate two-step verification?
Mario Micucci explains that, if the attacker took the account and activated two-step verification, recovery can be complicated because the user will have to enter the PIN or, in some cases, wait for the security period applied by WhatsApp.
“If the victim had previously uploaded a recovery email, they can use it to reset the PIN. If they did not have it associated, the process may take longer and it is important to start the recovery as soon as possible and follow the official support channels,” he adds.
WhatsApp can be compromised by cybercriminals, mainly when the user provides data such as the verification code. (Free Press Photo: Shutterstock)
What to do if the cybercriminal protected the account or changed the number?
If the account was additionally protected by the attacker, shares Marco Antonio To, official WhatsApp support must be contacted by email.
Writing to support@whatsapp.com, the user must put the following message in the subject line: “Stolen/lost account: Please deactivate my account”, and include in the body the telephone number with the country code.
After that, shares To, the user must verify their identity and follow the steps indicated by WhatsApp to try to recover the account, a process that may take some time.
“Acting quickly is key to reducing the impact and preventing the attacker from continuing to use the account,” he adds.
What are the risks of the theft of a WhatsApp account?
When a WhatsApp account is stolen, time is of the essence, experts highlight, given that the attacker can impersonate the user and generate trust to commit fraud, especially when requesting money from close contacts, highlights To.
For his part, Micucci explains that the attacker can take advantage of contacts to send malicious links, distribute advertising campaigns and phishing, impersonate the victim and take advantage of prior trust to spread the fraud.
Nery Alvizures highlights that, depending on the level of connections that the WhatsApp user has with other social networks, the cybercriminal can even access linked platforms through verification.
“In other words, a hijacked account becomes a tool for fraud and propagation,” Micucci highlights.
User errors that facilitate account theft
Account theft varies depending on the level of protection the user has. Nery Alvizures highlights that overconfidence can become the main vulnerability, since some people share the verification code after receiving unverified calls, especially when they do not have two-step verification activated.
It also happens when they enter links of unknown origin or click on suspicious emails, he points out.
Recommendations
- Enable two-step verification as it adds an extra layer of security.
- Never share codes sent by text message.
- Keep both the phone’s operating system and WhatsApp updated.
- Have antivirus software installed.
- Constantly review which devices are linked to the WhatsApp account.

