WhatsApp is the most popular mobile messaging app in the world. According to a survey by Statista, at the end of last year, Brazil was already in second place in the ranking with the largest number of users of the app in the world, totaling more than 99 million accounts, second only to India, with around 340 million, and ahead of the US, with 68 million.
With the growth of this popularity comes the increase in the action of cybercriminals who seek to disseminate massive scams, reaching an increasing number of victims to earn large amounts of money. Scam types are also becoming increasingly sophisticated, with social engineering techniques to convince people to share security codes for two-factor authentication and gain control of accounts.
When cybercriminals gain access to the victim’s account
There are known forms of scams, such as when, after obtaining the victim’s phone number, the cybercriminal makes a call pretending to be a technical support employee on a known website to ask the victim to share a confirmation code via SMS; in fact, the code was sent by the fraudster himself.
If the victim clicks on the link received, it allows cybercriminals to clone the account and look for more contacts, to trick them. With this, the user can lose control of WhatsApp, while the fraudster can read and send messages on his behalf.
When using a WhatsApp account on a new device, groups related to the number are automatically transferred to the device. Sent messages do not appear, but other members’ phone numbers are visible, which probably indicates how cybercriminals choose more victims.
Phone numbers are easy to find
Most people do not consider the phone numbers WhatsApp uses as confidential information, so this data may be available on social media profiles, sent by various services, obtained for marketing actions or even included in database leaks. and, in this case, sold on the dark web. Even random attempts to come up with possible combinations of numbers can generate good results for scammers.