MITA Security Operations has been following a scam targeting several WhatsApp users.
Unauthorized third parties attempting to deceive you are sending unsolicited requests to forward WhatsApp activation codes with the excuse that the six digit code was sent to you by mistake. Since the activation code was sent to your registered phone number via SMS , it is linked with your WhatsApp account and should never be shared.
When you receive this notification, it means that someone has entered your phone number and requested the registration code . Handing over the WhatsApp activation code will allow unauthorized third parties to take over your account placing them in a favourable position to ask for a ransom or steal personal information like the groups you are in and any messages received.
How can I identify and handle these messages?
• The message content includes instructions to forward an activation code.
• The message claims you can avoid punishment, like account suspension, if you forward the activation code.
• The sender claims to be affiliated with WhatsApp.
• The sender appears to be someone from your contact list which could have already been compromised.
• The message content includes a reward or gift from WhatsApp or another person.
What should I do if I receive these messages?
• If user making request is not in your contact list block the sender, disregard the message and delete it.
• If you have received the scam from someone you know, give them a call and inform them of the scam, disregard the message and delete it.
How can I protect myself from this scam?
• Never hand out activation codes or passwords to anyone.
• Set up two-step verification for your WhatsApp – if someone does get hold of your six-digit number, they will still need an extra password.
• If you have fallen victim to this scam, relaunch your WhatsApp app on your device and ask for a fresh activation code – this will reset the app on your phone.