Navigator
Facebook
Search
Ads & Recent Photos
Recent Images
Random images
Welcome To Roj Bash Kurdistan 

WhatsApp voicemail scam give hackers access to your account

Share information about Computer , Internet, Websites ,Programming and other new technologies

WhatsApp voicemail scam give hackers access to your account

PostAuthor: Anthea » Tue Oct 09, 2018 3:14 am

Warning over WhatsApp voicemail scam that
could give hackers access to your account


    Scammers try to access a user's WhatsApp account via their voicemail inbox
    They first attempt to download and verify the app using victim's phone number
    By carrying out the attack at night, they bank on the user not checking their phone and take advantage of WhatsApp's six-digit verification code
    After getting the code, scammers can log into the user's WhatsApp account

A worrying new WhatsApp hack could give cyber criminals access to your account.

Scammers attempt to gain access to a user's account by taking advantage of weakly secured voicemail inboxes, according to Naked Security, a blog run by British security company Sophos.

The attacks became so prevalent that Israel's National Cyber Security Authority issued a nationwide warning.

A new WhatsApp hack could give cyber criminals access to your account. Scammers attempt to gain access to a user's account by taking advantage of weakly secured voicemail inboxes

To start, attackers try to install the WhatsApp app on their own phone using a legitimate user's phone number.

WhatsApp attempts to verify the login attempt by sending a six-digit verification code via text message to the victim's telephone.

Hackers try to do this when the victim may not be checking their phone, such as nighttime.

WhatsApp then gives users the option to send the six-digit code via a phone call with an automated message.

Since the user isn't checking their phone, the message ideally goes to their voicemail.

The scammer then takes advantage of a security flaw in many telecommunications networks, which provides customers with a generic phone number to call and retrieve their voicemails.

For many voicemails, users only have to enter a four-digit PIN, which if they haven't changed it, is typically an easy password such as 0000 or 1234 by default.

Hackers enter the password and gain access to the victim's voicemail inbox, thereby allowing them to listen to the pre-recorded message from WhatsApp that contains the six-digit code.

They enter that code into their own device, giving them complete access to the victim's WhatsApp account.

Experts recommend users turn on two-factor authentication on their account, which adds an extra layer of security, as well as make sure they have a strong PIN on their voicemail inbox

Making matters worse, particularly savvy hackers can set up two-factor authentication for the WhatsApp account, which requires users to enter a unique PIN code if they want to re-verify their phone number.

This prevents the victim from regaining control over their own phone number, Sophos noted.

The attack was first documented by Ran Bar-Zik, a web developer at Oath, but resurfaced again in a new report by ZD Net.

Israeli security officials have warned that the attack has been on the rise in recent weeks.

They recommend that users turn on two-factor authentication on their account, which adds an extra layer of security to your account.

'Using application-based 2FA...mitigates a lot of the risk, because these mobile authentication apps don’t rely on communications tied to phone numbers,' Sophos researchers explained.

Users can do that by navigating to Settings in WhatsApp, then tapping 'Account.' Navigate to the 'Two-step verification' heading and tap 'Enable.'

Further, experts say users should make sure they have a strong PIN on their voicemail inbox.
HOW CAN I CHOOSE A SECURE PASSWORD?

According to internet security provider Norton, 'the shorter and less complex your password is, the quicker it can be for the program to come up with the correct combination of characters.

The longer and more complex your password is, the less likely the attacker will use the brute force method, because of the lengthy amount of time it will take for the program to figure it out.

'Instead, they'll use a method called a dictionary attack, where the program will cycle through a predefined list of common words that are used in passwords.'

Here are some steps to follow when creating a new password:

DO:

Use a combination of numbers, symbols, uppercase and lowercase letters
Ensure that the password is at least eight characters long
Use abbreviated phrases for passwords
Change your passwords regularly
Log out of websites and devices after you have finished using them

DO NOT:

Choose a commonly used password like '123456', 'password', 'qwerty' or '111111'
Use a solitary word. Hackers can use dictionary-based systems to crack passwords
Use a derivative of your name, family member's name, pet's name, phone number, address or birthday
Write your password down, share it or let anyone else use your login details
Answer 'yes' when asked to save your password to a computer browser

https://www.dailymail.co.uk/sciencetech ... count.html
Good Thoughts Good Words Good Deeds
User avatar
Anthea
Shaswar
Shaswar
Donator
Donator
 
Posts: 19821
Images: 331
Joined: Thu Oct 18, 2012 2:13 pm
Location: Sitting in front of computer
Highscores: 3
Arcade winning challenges: 6
Has thanked: 5833 times
Been thanked: 709 times
Nationality: Kurd by heart

WhatsApp voicemail scam give hackers access to your account

Sponsor

Sponsor
 

Return to Computer & Technology

Who is online

Registered users: Bing [Bot], Google [Bot], Majestic-12 [Bot]

cron
x

#{title}

#{text}