date 2021-05-25
This is how they are stealing WhatsApp accounts today

Everything seems to indicate that they are taking over even accounts protected with two-factor authentication, which has understandably unsettled the app's millions of users around the world.

As one of the most-used applications every day, WhatsApp has become a channel for various attacks by cybercriminals, whether through deceptive chain messages promising a prize or through attempts to steal users' accounts and exploit their personal information.

In fact, a new technique has recently been discovered that scammers are using to seize the accounts of the messaging application.

On other occasions we have reported several times on scams carried out through supposed ad verification, invitations to a party or VIP event, and the cloning of accounts after stealing the victims' profile photo.

Until now, the best way to avoid this type of fraud was to activate two-step verification, where the user creates a personal PIN that is requested whenever the application is installed on a new device.

Everything seems to indicate that this feature has finally become popular, though not for its intended purpose: Kaspersky analysts have just discovered a scheme that, through social engineering and a request to the application's support area, circumvents this protection.

The fraud begins with a call to the victim, where the criminals pose as representatives of a health institution and ask to conduct a survey on Covid-19.

At the end of the questions, the fraudster asks the victim to share the code that will be sent to their mobile device, supposedly to register their participation in the survey and prevent the institution from calling them again.

The staging has a clear objective: to make the victim share the six-digit code sent via SMS, which is actually the code WhatsApp sends to activate the application on a new phone.

If the victim does not pay attention to the message and hands over the code, their account can be stolen.

The novelty of the scam appears when the offender finds that the victim's account has two-step verification enabled.

When this happens, the fraudster calls the victim again, this time impersonating the messaging app's support team, on the pretext that malicious activity has been identified on the account.

The victim is instructed to check their email and look for the message containing a link that will supposedly allow them to re-register for two-step verification.

However, clicking the link disables the two-factor protection, allowing the criminals, who already hold the temporary activation code, to take over the victim's account.

What most struck Kaspersky's experts is that the email the victim receives is a legitimate message from WhatsApp, titled "Two-Step Verification Reset", containing a link that disables this protection.

Commenting on the discovery, Fabio Assolini, a senior security researcher at Kaspersky, notes that the criminals' social engineering has reached a new level.

"The only way for people to protect themselves from this new scam is to suspect or know in advance that it exists. From a security point of view, the authentication process needs to be improved, otherwise account theft scams will continue to increase."

"In addition, the design of the application allows the scam to disable two-factor authentication. If, instead, the link sent took the user to the WhatsApp page to reset the two-factor password, criminals would not be able to install the accounts on your device," explains Assolini.