Despite security improvements to the platform, hijacking WhatsApp accounts remains a trivial task for threat actors, who take advantage of the platform's authentication method to take control of victims' accounts. Hackers will resort to any ruse to deceive users, even taking advantage of the COVID-19 vaccination campaign.
Officials at Spain’s National Cybersecurity Institute report that dozens of WhatsApp users have been receiving a message from threat actors impersonating Social Security representatives, requesting a verification code to receive a third dose of the COVID-19 vaccine.
The code the cybercriminals request is what the application uses to verify the identity of the legitimate owner of each account. It is enough for threat actors to enter the code into a device under their control to complete the account hijacking.
In addition to hijacking the affected account, threat actors could try to trick other users in the victim's contact list and even try to access other online platforms.
In recent months, the hijacking of WhatsApp accounts has become one of the biggest cybersecurity problems in Spain, especially since millions of people are waiting to be vaccinated against the coronavirus.
A similar campaign has affected users in Latin America, with hundreds of reports of WhatsApp messages asking users to forward the authentication code. The authorities of several countries have even had to alert their inhabitants about these malicious campaigns, recommending that they ignore these messages and report them to the corresponding authority.
The main security measure is not to disclose this code by any means; even WhatsApp recommends not sharing this code with other people, not even family, friends or acquaintances. Luckily, recovering the hijacked account is as easy as completing the attack, as users simply need to request a verification code from their original device.