WhatsApp users have faced a new hacking attack that can prevent the user from entering their account after receiving a single phone call, according to a report published by the British newspaper, Express.
Besides hijacking the account, the attack also allows hackers to access the victim's contact list and read his private messages on the app.
This serious attack on WhatsApp users can be executed within minutes.
The threat was revealed by Rahul Sassi, founder and CEO of CloudSEK, a digital security company.
The attack takes place after the hackers obtain the phone number of the WhatsApp user, by resorting to some social engineering tricks that are based on deceiving the victim as well.
After communicating with the victim, the hacker tries to persuade him to call another number, and the research did not reveal how to persuade the user to make this phone call, but it is likely to include typical methods used by fraudsters, such as claiming that the victim received a financial reward, or that his account is in danger, or Saying anything else might cause someone to panic and make them do the attackers' orders.
If a WhatsApp user ends up obeying the hacker's directions and calling the number they were told, they will be kicked out of their account within a few minutes.
At the moment, enabling two-factor authentication helps protect you from this type of attack (networking sites)
According to the report, hackers are able to take control of accounts thanks to automated services from mobile phone companies, which forward calls to a different phone number, as well as WhatsApp, which allows users to send a "one-time verification password" (OTP) via a voice call.
Once hackers have the one-time password, they can take over the victim's WhatsApp account and register it on their device, then use two-factor authentication to prevent its owner from regaining access to their account.
Specialists conducted their own experiments to see if the scam was successful, and they found out that it succeeded, but it required more effort than expected.
At the moment, enabling two-factor authentication helps protect you from this type of attack, while you should also be wary of unwanted text messages or phone calls, whether they try to induce you to visit an external website, or provide personal and financial information.Keywords: