A statement has been issued by the Malaysian Communications and Multimedia Commission (MCMC) which highlights about a potential scam where unauthorized individuals can take over your WhatsApp account.
They had revealed that the scammers will use various tactics to trick users into revealing their 6-digit verification code that’s sent by WhatApp. The code is similar to those sent by online banking and eWallets which should not be shared with anyone.
Scammers want your verification code
Do note that WhatsApp will only send a verification code when someone tries to login with your phone number. One of the few tactics that the scammers use is “pretending to be your friend in trouble” to get your verification code as they are claimed to be in trouble. Scammers also pretend to be from WhatsApp.
They also take it one step further by calling you for the verification code. Before they do so, they will make several failed verification requests and WhatsApp’s system will make an automated call to verify your code. If one were to not answer the call, they will attempt to gain access to your voicemail.
What can the scammers do?
WhatsApp had stated that the scammers will be able to see the list of group chats you are in and if access is gained by them, they could misuse your identity to possibly scam friends and family for money due to an emergency. On a side note, they will not be able to read your messages as that is stored in your current phone with end-to-end encryption.
How to protect your WhatsApp account?
The main thing to do is not to share your 6-digit pin and ignore those who ask for the code.
WhatsApp advices users to enable the two-step verification which is a feature introduced since 2017 as it adds another layer of security. By using the two-step verification method, it allows you to add a 6-digit password and you will need to enter your email address if you need to reset it. Now if one were to login your WhatsApp, it will require the SMS verification code and the 6-digit password.
What happens if you’re logged out?
If you’re logged onto another device, it will kick you out of the current device. To regain access, you should try to login back to your phone number as soon as possible which requires an SMS verification. do note that the verification code is always generated randomly so this means you cannot login with an old code.
For further reading, you can check out WhatsApp’s post about stolen accounts and receiving verification code that you didn’t request. It is advisable that you activate two-step verification if you haven’t already or watch the video below: