scams involving Account theft and cloning No The WhatsApp increased in recent years. In 2020 alone, it is estimated that more than 5 million accounts have been cloned from the app in Brazil. Criminals are increasingly devising strategies to deceive their victims, but many fraud attempts rely on the direct help of the Internet user himself – even if he does not know it.
And scams like this are older than you think. A report from the research lab of virtual security company Eset warned in 2019 that one of the increasing ways to hijack WhatsApp accounts is through an attack known as QRLjacking.
The action makes use of social engineering techniques to attack not only WhatsApp, but also other applications that use a file QR Code (Barcode Evolution) for recording and use on a computer.
In the case of WhatsApp, a QR code is generated when a person accesses the application in a web browser or desktop version, on the popular WhatsApp Web. When this code is scanned, the user can access their account on the computer.
With this functionality, criminals attack, according to Eset researchers: scammers convince victims (via phone, email, and text messages) to scan a misleading QR code, which instead of presenting an official WhatsApp page displays a fake page trying to hijack users’ WhatsApp session.
The research lab remembers that a QR code is an image that, once interpreted, can contain a URL or other information that the device can understand.
Newer WhatsApp versions require a biometric or PIN unlock to validate a new session on another device. But older versions, not updated by the user, use this code to grant access without any further validation. Knowing this peculiarity, the cybercriminals were meticulous: they developed tools capable of capturing and storing an image of a QR code generated by WhatsApp and creating a new one, of the same type, to show the victim.
After the invasion, the user’s session is stored on the computer of hacker He can use it however he wants. Details: Account “hijacking” occurs without using the app in a file cell phone From the victim necessarily stop.
Eset warns that all apps that use a QR code may be exposed to similar attacks.
How to protect yourself
The company suggests some measures that act as tips to avoid account takeover in this case:
- Use public or unknown Wi-Fi networks as little as possible, because such attacks usually happen when the cyber criminal is on the same network as their victims. If you need to use the Internet, avoid accessing information that is not very necessary at that time.
- Find out what apps you’re using and be suspicious if an ad asks you to scan a QR code in exchange for some benefit or as part of a process that bypasses validation. In the case of WhatsApp, the code is used exclusively to allow the application to be used on the computer.
- Don’t fool yourself: Even on networks that are considered secure, always keeping an eye on your eyes is the best practice to at least help prevent different types of security incidents.
- Watch out for the app’s response to your command: if you scan a code and receive no action in response, stay alert. If in doubt, go to the WhatsApp home screen, select the “WhatsApp Web” option and end all started sessions. This immediately blocks criminals from accessing the account.
- Keep security software running and up-to-date on your device: Always set these mechanisms to block threats, whether on your smartphone or on your PC.
*With information from Janina Garcia’s article
“Web geek. Wannabe thinker. Reader. Freelance travel evangelist. Pop culture aficionado. Certified music scholar.”