How to avoid the latest WhatsApp scam that aims to hijack your account

Don’t be their next victim

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Fraudsters are using a social engineering trick to foolWhatsAppusers into handing over the keys to their accounts.

As Zak Doffman ofForbesexplains, the scam has been around for some time, but has seen a recent resurgence, possibly due to increased reliance on messaging apps during the coronavirus pandemic.

The attack can take two forms, both of which rely on tricking the user rather than compromising the app itself. In the first type of attack, you receive an SMS from a person claiming to be a friend or contact. The person claims to be struggling to verify their own WhatsApp account, and says the authentication code will be sent to your phone instead.

Of course, the verification code sent to your phone is for your own account, and together with your mobile number, allows the crook to log in as you on their own device, access your conversations, and send messages posing as you.

The attacker can then send the same request for a verification code to contacts who know and trust you – an approach that’s much more likely to be successful than an SMS from a random unknown phone number.

Be alert

Be alert

Now, attackers have found a more convincing way to trick you into parting with your login details: sending messages purporting to be from WhatsApp itself.

The new form of attack was first reported byWABetaInfoon Twitter, after a user queried a strange-looking message that appeared to originate from the company.

Get the best Black Friday deals direct to your inbox, plus news, reviews, and more.

Get the best Black Friday deals direct to your inbox, plus news, reviews, and more.

Sign up to be the first to know about unmissable Black Friday deals on top tech, plus get all your favorite TechRadar content.

This is #FAKE. WhatsApp doesn’t message you on WhatsApp, and if they do (for global announcements, but it’s soooo rare), a green verified indicator is visible.WhatsApp never asks your data or verification codes.@WhatsApp should ban this account. 😅 https://t.co/nnOehPL8CaMay 27, 2020

As WABetaInfo notes, WhatsApp and its partner company Facebook will never ask for your account details, and are very unlikely to send you any messages directly.

It’s also wise to protect your account by enabling two-step verification, which prevents any attempts to log into your account on a new device without also entering a six-digit PIN that you have created yourself.Find out how to set it up now.

Cat is TechRadar’s Homes Editor specializing in kitchen appliances and smart home technology. She’s been a tech journalist for 15 years, and is here to help you choose the right devices for your home and do more with them. When not working she’s a keen home baker, and makes a pretty mean macaron.

Quordle today – hints and answers for Saturday, November 9 (game #1020)

NYT Strands today — hints, answers and spangram for Saturday, November 9 (game #251)

Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time