Polish army warns WhatsApp users. “High Threat”

ByValeska
WhatsApp, zdjęcie ilustracyjne

On Wednesday, October 8, the Cyberspace Defense Forces posted a message online addressed to WhatsApp users. Experts warned Poles against a phishing campaign.

“Attention! There is an ongoing phishing campaign targeting users of the WhatsApp application. Recently disclosed computer security incidents indicate a high risk of phishing attacks on users of the #WhatsApp application,” we read in a statement from the Cyberspace Defense Forces on X.

Hackers steal WhatsApp accounts and extort money

As we learn from the warning, hackers use hijacked user accounts in WhatsApp. Impersonating the owners of stolen accounts, they send crafted phishing messages to the victim’s contacts. Their goal in this case is to extort access data and gain unauthorized access to accounts from which they then try to extort money from the victim’s contacts.

The military described the mechanism for taking control of the account. First, there is a fake voting request – the message usually comes from a friend or family member (from a compromised account) and asks to vote in the competition. Then we receive a phishing link – the message contains a malicious link leading to a fake website.

The next step is to link the account – the fraudster asks you to provide your phone number and enter an 8-character verification code, allegedly to “vote validation”. The result is account takeover – after entering the code, the attacker takes control of the victim’s WhatsApp account. Accounts stolen in this way are used to further send phishing messages and attempt to extort money.

How can we protect ourselves?

  • Don’t interact with suspicious messages

  • Do not click on links or enter any authorization codes

  • Inform the account owner (preferably by phone) that their account may be compromised

  • Report the incident to the appropriate services or IT security teams

How to check connected devices in WhatsApp?

  • Go to Settings

  • Select Connected devices

  • Make sure only your devices are listed there

The military reminds that phishing threats may affect many messengers, not only WhatsApp. Similar schemes can also be used in applications such as Signal or Messenger. “We call on you to be especially careful and vigilant towards unexpected and sudden requests for help, voting or account verification,” they conclude.

Similar Posts