WhatsApp is a Facebook owned free messaging app that allows you to make and receive voice and video calls, send text and image messages, create voice notes and more, all through the internet. WhatsApp is the most popular messaging app globally with over 2.5 billion active users worldwide. This places WhatsApp far ahead of other messaging apps such as Facebook Messenger(1.3billion), WeChat (1.2billion) and Viber (1.1billion).
Though it began its life as a personal messaging app used primarily for exchanges between friends and family, in January 2018, WhatsApp launched a variant of the app called WhatsApp Business. This was intended for business owners looking to take advantage of WhatsApp’s growing popularity and usage.
The rise of WhatsApp Business
As the leader in the messaging app world, the main benefit of using WhatsApp for business is that your customers are already there. If they are already using the app and are comfortable with it, and if it makes access to your business easier for them, then it is really a no-brainer to incorporate WhatsApp into your business messaging communications.
It can be used in business as an additional customer support tool. And with all the additional features for business accounts such as quick replies, automations, labelling and segmenting, brand-verified conversations and more, it is no wonder WhatsApp Business is quickly gaining in popularity.
WhatsApp Hijack scam
Finding convenient ways to communicate with customers and potential customers is crucial for a successful business. What is also crucial is that these communications are done securely while respecting the customers privacy. Unfortunately, with any technology, online app or platform, you will always have the threat of attacks and scams. Recently, a scam that is often referred to as the WhatsApp Hijack Scam, has been circulating again.
This may be an old scam but it still commonly catches people out, and so it is important to spread the word and make everyone aware of exactly how it works. Also for you as a business owner, it is vital to understand just how this could impact your relationships with your customer.
How does the attack work?
This first phase of the attack generally begins when you receive an unexpected SMS text message with a six-digit WhatsApp code. This is the same type of verification code that you would receive if you tried logging into WhatsApp on another device – chances are this is how the code got sent to you in the first place, as the hacker would have requested it when attempting to illegally login to your account.
The next phase is when the hacker sends you a message, usually under the guise of one of your close contacts, whose account will already have been hijacked. This message will read something like “Hello, sorry, I sent you a 6-digit code by mistake, can you pass it to me please? It’s urgent?” If you are unsuspecting and believe that this is truly from your friend, you may be inclined to send on the code.
By doing so, this would then give the hacker access to your account and your personal information. With these details, they could target your family and friends while impersonating you. They could go back over conversations and piece some very valuable information together. And for a business, hackers accessing conversations with customers along with their details could potentially cause major reputational as well as financial damage.
How to recognise a scam?
You may feel confident that you will recognise a scam when you see it and that you will easily spot when something brings up a red flag. However, sometimes these scams are so well done, it can be very easy to get caught out.
So, what should you be on the lookout for? According to WhatsApp, you may be a target of one of these scams if:
- The sender claims to be affiliated with WhatsApp.
- The message content includes instructions to forward the message.
- The message claims you can avoid punishment, like account suspension, if you forward the message.
- The message content includes a reward or gift from WhatsApp or another person.
What should you do if you think you have been a victim?
If you are receiving suspicious messages, the first thing to do would be to report these to WhatsApp directly from the app. If you suspect a message that came from a customer, friend, or family member is fraudulent, or if you receive a message from an unknown source, do not click any links within the message. Do not provide any personal information and delete the message.
Be sure to also let that contact know, through another means, that their account may have been hijacked.
How to protect yourself and your business from SMS scams?
You can find detailed instructions on how to stay safe on WhatsApp within their own user guides section here. Their key main recommendations are to:
- never give a password or SMS security code to anybody – not even friends or family.
- enable two-step verification for an extra layer of protection.
- be vigilant if you receive a message asking you for money.
A great rule of thumb to apply would be that if you ever receive a text message requesting money, then call the person asking outside of WhatsApp and verify that it is in fact you’re a known contact who sent the message.
We hope you have found this helpful, as providers of IT solutions, we are committed to our customers and their safety online. Be sure to check out some of our other guides here.