Abdullah Al-Sabe, a technology specialist, said that the issue always starts with a message on WhatsApp in which an unknown person asks the user to join a group and send a code.
Once the hacker receives this code, he can easily use the victim’s device, send messages to his contact list and ask for money transfers. The only solution, he said, is to never interact with unknown users and never to respond to messages asking to follow some link or to enter any code.
Talat Zaki Hafiz, the secretary-general of Saudi banks’ media and banking awareness committee, said that hacking was part of the dark side of technology.
“You get links through emails or SMS or WhatsApp text. By interacting with them, users get in the trap and risk getting their devices hacked,” he said.
Saudi banks, the Saudi Arabian Monetary Authority, all mobile phone operators and the Capital Market Authority regularly send warning messages to the public to avoid responding to such messages because they can carry programs that pull data from phones.
He asked people to ignore such messages and report the suspicious message to the unified number 330330 via SMS. He added that there had been a positive response from the public about the awareness campaigns. If users suspect their bank details have been hacked, they should call their bank to take the proper action such as canceling bank cards. Users should make sure that they never reveal their bank account password or card details.
Dr. Talal Albalawi, information security assistant professor at the College of Computer and Information Sciences, Imam Muhammad Ibn Saud University, said that if users suspect that their account is compromised, they should try to do the following:
• If you cannot log into your WhatsApp account on your phone, try logging in from the WhatsApp desktop app to check if your account is compromised.
• Delete the app and download it again to register using the same phone number and SIM card used to register your account the first time. This will log out the hacker because WhatsApp does not allow for two logins at the same time to the same account.
• Alert family and friends that your account has been compromised to prevent further theft and damage.
It is always recommended that you follow certain steps as a precaution to better secure your WhatsApp account:
• Two-step verification, which is recommended for any app to make it more difficult for hackers to compromise accounts. In such settings you are required to enter your PIN when registering a new phone with your mobile number. You are required to re-enter the PIN at random timing again to make sure that the account is not compromised
• If you login using WhatsApp web, make sure to logout when your session is finished.
• Also using a lock app is recommended, where you must input a PIN before you can launch the WhatsApp or any other application.
Check Point Research, which provides cybersecurity solutions, has announced a new vulnerability that it tested on WhatsApp. The damage can lead to crashing of the app for all members of a certain group. To overcome this problem, users need to uninstall and reinstall the application and delete the group that contains the message.