With over two billion daily active users, WhatsApp has become a hotbed of phishing attacks in the past few years. The key reason is that cybercriminals prefer targeting large groups, because they know people can collectively be more vulnerable. Unfortunately, with so many individuals using the same technology, some are bound to be less tech-savvy or to skip the necessary precautions to safeguard themselves.
The Themes
In WhatsApp phishing, bad actors often create an unexpected sense of urgency to trigger an emotional reaction in their targets. The most prolific attacks are lottery, job, and romance scams, among many others. However, the latest trend on WhatsApp is undoubtedly different from traditional phishing techniques.
Present Scenario and the Concerns
For a few months, Indian users have been getting random video or audio calls on WhatsApp. These calls come from various country codes, including the US, UK, Malaysia, Kenya, Vietnam, Ethiopia, South Africa, etc. The problem has become so severe that WhatsApp owner Meta was compelled to release a press note describing it and asking users to block and report such calls urgently.
Addressing the grave concern, the Minister of Communications, Electronics, and Information Technology, Ashwini Vaishnaw, has asserted that WhatsApp has agreed to weed out all the mobile phone numbers that have been flagged as fraudulent on Sanchar Saathi, the official website of the Department of Telecommunications. That means somebody has to report each fraudulent call to the department.
WhatsApp offers a more straightforward method to eliminate such scamsters, which we will delineate in the safeguards section of this blog.
Even though reporting each number to the state authorities sounds complicated, this could be the best measure to filter out the exploding number of spam calls and messages. Because WhatsApp is an end-to-end encrypted platform, no alternative is available to track down the message senders or callers. And even if WhatsApp were to offer governments some form of regulatory control, the decision might ignite another political controversy and land the company in trouble.
Vulnerabilities
However, thwarting these spammers is necessary to keep the large user base safe, because vulnerabilities triggering remote code execution through calls or downloads are not new for WhatsApp. For example, the most recent vulnerabilities declared by WhatsApp, CVE-2022-36934 and CVE-2022-27492, were integer overflow and underflow vulnerabilities, which could result in remote code execution just by engaging the victims in video calls or sending a specially crafted video file.
And who can forget the notorious Pegasus spyware campaign? It relied on CVE-2019-3568, an RCE (remote code execution) vulnerability in the WhatsApp VoIP stack that was triggered when specially crafted RTCP packets were sent to the target device. The exploit helped bad actors push third-party files onto the target victim’s device by placing a missed call on WhatsApp (it didn’t matter whether the victim accepted or declined the call). Even though WhatsApp has already patched all of these vulnerabilities, the previous incidents indicate it’s not impossible to compromise someone’s WhatsApp account remotely if another vulnerability pops up.
What should you do?
We are not suggesting you leave WhatsApp as of now. Of course, most of our friends, family, and colleagues are on it, which makes conversation easy for us. But embracing a few safeguarding techniques and tweaking your WhatsApp settings can make you much safer than before. So here are a few recommendations for you.
- Blocking the scamsters: If you see an unexpected call from a foreign number (one starting with any country code except +91), disconnect and long-tap the number to report it to WhatsApp. Messages from unknown numbers come with buttons to block or report the sender’s number to the developer. You can also compel WhatsApp to permanently stop the number by raising a complaint with the Department of Telecommunications on the toll-free number 1800110420 / 1963. Another method to block a number is sending a text message to 1909 with the prompt BLOCK/UNBLOCK followed by the number. You can contact the national cybercrime helpline number 1930 to raise other complaints.
- Update and install from official stores: Always update or download WhatsApp from official app stores like Google Play Store, Apple App Store, or Microsoft Store to prevent downloading a potentially malicious version of WhatsApp.
- Manual update: It’s a good practice to turn off auto downloads for all the features. Instead, check for WhatsApp updates from time to time manually and update the application to its latest version.
- Update your OS: Make sure the operating system of your device is updated regularly, as a newly released update may contain security patches and other fixes that can help to safeguard your WhatsApp account.
- Avoid clicking on links: Be cautious of links sent from unknown sources; avoid clicking on them, as they often contain malware that can harm your device and steal data.
- Avoid downloading random content or apps providing anything for free: Avoid downloading apps offering premium OTT videos for free. Also, avoid downloading random content or apps until you have verified the source’s legitimacy, as they could be malicious applications or content with malware piggybacking on it that can compromise your device for several nefarious purposes.
- Set 2FA: Enable two-factor authentication (2FA) on your WhatsApp account, which adds an extra layer of security by requiring a code sent to your phone to access your account. To activate, navigate to Settings >> Two-Step Verification and follow the instructions on your screen.
- Set auto-download off: Turn off the auto-download feature in WhatsApp to manually download media files like videos, images, and documents. The options are available in WhatsApp Settings>>Security.
- Malicious QR Codes: It’s crucial to exercise caution when scanning QR codes on WhatsApp, as doing so poses various risks. Scanning only QR codes from credible sources is highly recommended to avoid falling prey to fraudulent activities.
- Install an AV: Install reliable antivirus software such as K7 Mobile Security to help detect and thwart phishing attacks, rogue links, and malware attacks to safeguard your device.