The WhatsApp hack that has been in the news for a year has seen a recent spike in the number of attacks since the novel coronavirus pandemic has hit the world. An audio message of the recent hack victim Deepa Lekshmi went viral on WhatsApp, where she recounted her plight of her WhatsApp account being hacked and used maliciously by the hacker.
According to Deepa, she received messages for Whatsapp login code on her mobile phone in the last week of July and found herself logged out of the account one day. Unable to log in to the account, she realized that the hacker had uploaded an inappropriate DP on her account and carried out various other inappropriate activities.
She lodged a complaint with the cyber cell of the Kottayam Police. Fortunately, she was able to access her account using voice login, but she immediately changed her mobile number as the incident left her information and privacy vulnerable.
How it works
A user can log into his/her WhatsApp account using the 6-digit verification code received through SMS. This means that anybody who knows the victim’s mobile number can get access to the account if he/she manages to get the authentication code. The attackers usually use social engineering methods to gain access to the verification code.
Sometimes, the attacker has been reported to approach the victim, pretending to be a friend logged out of their accounts to get the code. In the case of Deepa Lekshmi, the hacker had probably blocked the SMS authentication and gained access through other techniques.
How to safeguard
Whatsapp is an ever-evolving platform that continuously works for better consumer experience. This quality of WhatsApp makes its users less vulnerable if they utilize the proper settings. Whatsapp has enabled a two-step authentication process every time the app is installed on a new device or major settings are changed.
It allows the user to set up a 6-digit pin, which is different from the verification pin to verify the user credentials. Users can enable it anytime from their general settings. Even if the hacker has set up the pin instead of the victim, the user can reclaim his/her account after seven days. The security FAQs of WhatsApp tells the user what to do in such circumstances.
Another commendable WhatsApp security feature is that it logs out another session if the user logs in for a new session. Also, the hacker can get access to already present data only if he/she has access to the backup account of the victim, which is rare. Therefore, previous data is less vulnerable. However, the hacker gets full control over the account once it is logged in.
Whatsapp is a ubiquitous platform used by the people across worldwide for personal communications. It is the most trusted platform where people sometimes reveal their really confidential information.
Cybercrimes are rising and making more and more people vulnerable. It is this time, when we, as users, need to be alert. Only we can save our data from getting hacked.