The National Information Technology Development Agency (NITDA) has raised a cautionary alert, highlighting an emerging threat where malicious actors strategically aim to compromise users’ WhatsApp accounts.
NITDA noted that their method involves surreptitiously activating users’ accounts on alternate devices and coaxing them into unwittingly divulging the crucial activation code, marking an alarming trend in cybersecurity vulnerabilities.
According to the agency, the attackers often use social engineering tactics, such as making calls or sending convincing text messages, to trick users into disclosing the activation code, which was sent via SMS by WhatsApp during the activation process.
“Once the attackers have the activation code, they can take control of your WhatsApp account, gain unauthorized access to your contacts, and potentially exploit this access for fraudulent activities,” the agency said.
WhatsApp Hack Alert & Preventive Measure!#BeCyberSmart pic.twitter.com/xCvxOIVCwH
— NITDA Nigeria (@NITDANigeria) December 26, 2023
Preventive measures
In response to the escalating threat of WhatsApp hacks, NITDA has recommended a comprehensive set of preventive measures to fortify the security of users’ accounts.
Also Read: NITDA warns against phishing attacks
These measures encompass a range of strategies, including but not limited to robust password management, two-factor authentication reinforcement, regular security audits, and heightened awareness about social engineering tactics employed by cyber adversaries.
- Enable Two-Step Verification; Go to WhatsApp Settings > Account > Two-Step Verification. Enable two-step verification and set up a secure PIN. This additional layer of security will be required whenever you attempt to activate your account.
- Be cautious of unsolicited calls or messages claiming to be from WhatsApp support or other seemingly genuine channels.
- Never share activation codes with anyone, even if they claim to be a friend or support representative. They are meant to be kept confidential.
- Always double-check the identity of individuals contacting you for sensitive information or financial aid.
- Verify the authenticity of messages and calls with known contacts through alternative means, such as a SMS or a phone call.
- Periodically review the devices connected to your WhatsApp account under WhatsApp Settings > Linked Devices.
- If you notice any suspicious activity or unauthorized devices, immediately log out of all sessions and re-secure your account.
Implementing these guidelines can significantly enhance the resilience of one’s WhatsApp account against potential breaches.
Comments are closed.