WhatsApp is the most popular messaging program with around two billion users worldwide. With these user numbers in place, it must be assumed that attacks on users must be extremely difficult. A report by security researchers, Forbes, is even more surprising Discover.
Accordingly, thanks to various messaging mechanisms, attackers can block their accounts via external access using only the user’s mobile phone number thus preventing new registrations. WhatsApp mostly does not use real employees to answer user inquiries, it relies on artificial intelligence; This also applies, for example, to email messages through which users want to report a stolen account.
Amnesty International recognizes these requests automatically – then users have to enter their phone number to verify their account. This is exactly where the problem is: if the attacker had the number and gave it in two emails to report a stolen account, it would be closed automatically and the actual owner could no longer use it. Annoying: Not even two-factor authentication can protect against such attacks.
WhatsApp: Malware spreads through conversations – this is how you protect yourself
WhatsApp: The second step makes attack schemes more dangerous
Basically, this mass can be lifted with relative ease by checking the number again. However, if the attacker tried several times previously to block the account using emails and entering the phone number, user accounts would be blocked for at least twelve hours – and in many cases for a much longer period. The user cannot then access their account for a specified period of time, no matter what they try.
Fortunately, attackers cannot access sensitive user data or use the accounts to send unwanted emails or the like. At the same time, account blocking is still very annoying for many users, as WhatsApp is the most important communication tool for many, especially in times of Corona.
“Reader. Organizer. Infuriatingly humble twitter expert. Certified communicator.”