Technology Cybercriminals put almost 11 million Spanish WhatsApp numbers up for sale to use them in 'smishing' attacks
Data Some hackers managed to deceive Apple and Meta by posing as security forces and stealing information from their users
The
leaking of a database
can have numerous consequences of different severity, among them, the
free access of cybercriminals
to information susceptible to being stolen, as well as the origin of malicious campaigns that can endanger the security of users and organizations.
CyberNews recently broke the news that a group of cybercriminals has allegedly stolen
millions of mobile phones
with WhatsApp accounts from all over the world and put them up for sale on the hacking community forum BreachForums.
Around 11 million of those affected would be Spanish, but the database put up for sale is close to
500 million numbers
.
Although from WhatsApp they do not believe that a hack to their platform is justified, the presence of these numbers exposes their owners to different cyber risks.
According to the aforementioned medium, these malicious actors would have done so with the aim of implementing, among other things,
'smishing' and 'vishing'
attacks -which involve impersonation through an SMS or a call, respectively-, as well as to impersonate the identity of other users and commit fraud, malicious techniques that multiply in companies and organizations.
"Once cybercriminals have the telephone numbers and other means of contact and sell them, attacks such as 'vishing' or 'smishing' have a very large potential to multiply", comments the technical director of Check Point Software for Spain and Portugal, Eusebio Nieva, in line with what happened.
Describing both as "very dangerous" because cyber fraudsters "can gain access to
business data
through them," Nieva points out that they can even "deceive an employee to perpetrate economic theft."
These types of attacks increase on dates of massive purchases, such as
Black Friday
or
Cyber Monday,
as well as during sales initiatives of the brands themselves, such as Amazon Prime Day.
So much so that, according to a study published by the cybersecurity company last July, 'phishing' emails related to the company founded by Jeff Bezos increased by 86 percent during the celebration of this event.
Leakage of data from other accounts
The leaking of
millions of WhatsApp numbers
, subsequently put up for sale on dedicated online hacking forums, often results in the theft of other user accounts.
"It happens especially if we have the credentials of one of them and we have the same in the others," points out Check Point's technical director, who insists on the need to have an exclusive credential for each account.
"Sometimes it can seem cumbersome to remember all of them, but if we select a good password manager, it can make the task much easier," he adds, recalling the importance of having authentication systems.
"It is important to implement the
double authentication
factor in all services, since in this way if someone tries to access from another point, they will be blocked and we will be able to avoid the attack," Nieva concludes.
According to the criteria of The Trust Project
Know more
WhatsApp
Social networks