WhatsApp is one of the most popular instant messaging app and people across the world use the Meta-owned app for their daily communication and file sharing. However, given the popularity, WhatsApp is also susceptible to hacks and scams.
A WhatsApp OTP scam has now resurfaced where scammers are taking over people’s WhatsApp by sending an OTP to their number, in order to get access to the instant messaging app. Founder of a Cybersecurity company has posted on his LinkedIn explaining how scammers use this trick to hijack people’s WhatsApp. Rahul Sasi, in his LinkedIn post says that the attacker will call people and trick them into dialing **67*<10 digit mobile number> or *405*<10 digit mobile number>. What this does is that it activates call forwarding for Jio and Airtel users.
Once this is done, the attacker will log in to WhatsApp from the victim’s number, and send an OTP via call. Since they have engaged the victim’s number on a call, it will be forwarded to the given number, and the hacker will log in to WhatsApp from the victim’s account.
Now, this is not the first time scammers have used this kind of a trick to hack into people’s WhatsApp. Last year as well, the same trick was used by scammers by sending the WhatsApp OTP to a person’s mobile via SMS. Then, the hacker would text them saying that their WhatsApp will deactivate, unless they send the OTP to another number.
This scam works globally and scamsters in all countries have tried this approach. This happens because WhatsApp’s authentication while logging in to a new or different device requires a 6-digit verification code that is usually sent to the registered mobile number. Users can chose to recieve this OTP via text or via a call from WhatsApp.
Users are advised to remain extremely cautious and never share any OTP or verification code with anyone. If you are getting a WhatsApp OTP on your phone number for no reason, the best thing is to not do anythinng and not respond to any calls that you may receive after.