Cape Town - After almost 500 million WhatsApp phone numbers were recently found on the dark web, security experts are warning WhatsApp users of possible scams coming their way.
According to Cybernews.com, earlier this month a hacker posted an ad on a well-known hacking community forum, selling a 2022 database of 487 million WhatsApp user mobile numbers.
Cybernews said the dataset allegedly contains WhatsApp user data from 84 countries. They advise that the numbers are used mostly for smishing and vishing attacks, and recommended users remain wary of any calls from unknown numbers, unsolicited calls and messages.
Surfshark’s information security officer Aleksandr Valentij warned of possible smishing and vishing attacks. With so many Black Friday deals circulating online, users must be on the lookout for fake deals with malicious links attached.
“WhatsApp users should be cautious. Scammers might purchase the phone numbers from the dark web and use them for mass phishing campaigns. However, if users act responsibly, they should be able to keep their data safe and avoid the negative consequences,” said Valentij.
Smishing is when hackers send out fake SMS messages to extract sensitive data or to trick a user into clicking on a malicious link. A smishing message may include a special offer that you can redeem by clicking on a link, or it can involve a request for sensitive data, such as your bank account information or other PII (personal identifiable information) which may be used during follow-up identity theft frauds.
“Be extremely careful about SMS messages which look like they include an MFA (multi-factor authentication) confirmation code. If you receive an MFA message randomly, it’s a hacking attempt. Do not disclose this confirmation code to anyone and change your affected account password asap,” said Surfshark.
“Vishing is another form of social engineering, but it involves fake phone calls with similarly malicious requests. You may receive a phone call from someone claiming to be a technical support agent for a service you use, and they can ask you to confirm your sensitive details such as name, email, or even bank account number.”
Black Friday is the perfect time for scammers to release their phishing campaigns in which they pose as legitimate companies, added Valentij.
“If you receive an unusual offer with a link attached to it, there’s a good chance it’s a scam and that there’s a virus hiding behind that link. Try to keep a sharp mind this shopping season. If an offer seems too good to be true, it probably is.”
Cape Times