Many complain today of their WhatsApp account being hacked, but the question is, was your WhatsApp account really hacked?
The fact is that your WhatsApp was never hacked. You were only tricked into giving out your WhatsApp account to an unauthorized third party.
Hacking WhatsApp itself is not an easy thing to do. Therefore, even if it were done, your account wouldn’t be the only target.
In this post, we will discuss three common ways used by scammers and hackers to steal your WhatsApp account and ways you can avoid them.
Three Ways Your WhatsApp Account Gets Stolen From You
1. Through Social Engineering
Social engineering is a common way most online account stealing is done these days. Gone are the days when you would expect a scammer to call and ask you to send your OTP or 2-factor code. Scammers have found subtle ways of getting you to deliver the code to them without your noticing.
The number one way they can do that is through a free online class, voting, promotion, or grant registration. In this process, the scammer will get you to fill out a form, through which they will try to reset your account. Then a code will be sent to your phone, making you think that the code is still part of the ongoing registration process. This way, you will willingly give out your secret code without any suspense.
Another way scammers can take over your account is through call forwarding codes. In this case, a scammer might send out a chat message to many, asking them to dial a code like this one here: **61*0831234567# on their phones for them to get free mobile data or airtime. Luckily for the scammer, many will fall victim to the trick without knowing that the code is to forward their incoming calls to the scammer’s phone.
Most times, the scammer might go the extra mile to fulfill the mobile data or airtime promised. This is to make the victim recommend more of their friends as prey.
Then the scammer will target the victim when they are asleep to reset their WhatsApp account. This time, the scammer will use voice calls as an option to receive your OTP code. Then, due to your calls having been diverted to the scammer’s phone, he will be able to receive the call on your behalf. Boom! Your WhatsApp is gone.
2. Through DNS Spoofing or Poisoning
This is a tactic where a hacker tricks you into visiting a fake WhatsApp website without your knowledge.
One way a hacker can do this is through DNS poisoning. In this case, the hacker might write an executable code file that, when you click on it, will change your system’s host file’s content.
Therefore, whenever you try to visit the WhatsApp website on your computer, you will be redirected to the hacker’s fake website. This fake website by the hacker will also contain a fake QR code.
So, whenever you intend to set up your WhatsApp account on your computer, you will end up giving it out to a hacker.
Another way this can be done is by a hacker sending you a phishing link to a website resembling the WhatsApp website. Thereby deceiving you into scanning the fake QR code on the website with your WhatsApp web.
3. Through Physical Contact
Due to the amount of information found on our phones these days, it is important that we always remain conscious when someone borrows our phone.
Actions like call forwarding or WhatsApp-linked device setup can be done within a few minutes.
Someone to whom you may have given your phone may decide to perform any of such acts with your phone without your consent. Mind whom you leave your device with and where you charge your device.
Remember, social engineering tricks always evolve. The tricks stated above might be the most common way you can be scammed, but they are not the only way. You might still receive a phone call from someone requesting a code sent to your phone, as if it were a mistake from him.
Also, your account can also be hacked by downloading malware in the name of an app on your phone. Such an app will be relaying text messages or data from your phone to the hacker without your knowledge.
So, always be vigilant and follow blogs like this one to get updates about new scamming tricks.
How to Prevent WhatsApp Account Hacking
In order to remain safe from scammers and hackers online, you will have to learn not to trust anyone online and always verify.
Don’t be quick to dial USSD codes like the one used for call forwarding above if you don’t know what they are used for. Do not rely on what the sender says it is used for. They might trick you.
To cancel call forwarding and all call diverts on your phone, dial the code ##002# on your phone.
Avoiding downloading files with a.exe extension from unreliable sources is another way to stay safe. Also, avoid downloading phone apps outside the phone app stores.
Also, be mindful of the links you click; they might lead you to a malicious website.