The National Telecommunication & Information Technology Security Board (NTISB) has issued an advisory letter to government officials warning them about the hacking of WhatsApp via a simple verification SMS.
The letter advises the government officials to ignore the code verification message unless it is triggered by the subscriber himself/herself.
According to the advisory letter, a number of government officials have been receiving WhatsApp verification SMS on their SIMs. The message asks receivers to click on a link and insert the verification code in the text. After doing so, the user receives a call from an international number starting from ‘001’. This call will then transfer the user’s ID and WhatsApp data to the hackers.
Unfortunately, in the past few weeks, this social engineering tactic has helped hackers get into many accounts globally.
Normally, when WhatsApp is installed on a device, the application sends you a verification code to check if you are the owner of the phone number and it is done automatically. However, in this case, the scammers are sending the messages. If you click the link, you are confirming that it is you on behalf of the scammer.
The letter further instructs:
- Don’t click the link.
- Don’t use any code received from any number from your contact list.
- Don’t receive any international calls in case you have mistakenly entered the code.
These lackluster instructions display remarkable ineptitude, in simpler terms, it is advised that no links from any unknown number should be visited. And any unofficial contact should be avoided entirely.
However, if you think your data has already been compromised, you can send an email with all the required information to [email protected].