WhatsApp uses a six-digit verification code to bolster account security. This code serves as an additional layer of protection, safeguarding against unauthorised access to your account. When setting up WhatsApp on a new device or re-verifying your phone number, you’ll receive a unique six-digit code via SMS, which you must enter to complete the verification process. This measure is crucial in preventing hacking or unauthorised logins, ensuring that only individuals with access to your registered phone number can log in to your account.

Threat Description

• Target: WhatsApp users
• Attack Vector: Compromised WhatsApp accounts.
• Method: Users will receive messages from compromised accounts soliciting a response, leading to a request for a 6-digit code (OTP).
• Consequences: Providing the code grants the attacker control over the recipient’s WhatsApp account.

Mitigation Measures

To mitigate the risk of falling victim to this attack, users are advised to:

• Exercise Caution: Be wary of unexpected messages, especially those soliciting personal information or authentication codes.
• Verify Identity: Always verify the identity of the sender before responding to messages, especially if they request sensitive information.
• Two-Factor Authentication (2FA): Enable 2FA on WhatsApp and other accounts to add an extra layer of security.
• Report Suspicious Activity: Report any suspicious messages or activity to WhatsApp and relevant authorities.

Conclusion

It is imperative for WhatsApp users to remain vigilant and cautious in light of this threat. By adopting the recommended mitigation measures and staying informed, users can protect themselves from falling victim to account compromise and unauthorised access. Remember, the security of your digital accounts is paramount.

Stay safe and vigilant.

Note: This threat advisory serves as a precautionary measure to inform and protect users against potential security threats.

Contact Us

If you have any questions or require further information on any other Cyber Security matters, please don’t hesitate to contact our dedicated team at [email protected].