In order to steal Rivera's account, the hackers made use of the different tools that the messaging platform puts at our disposal and that are designed precisely to avoid it, so lack of cybersecurity knowledge is exploited by bad guys.
First of all, we must bear in mind that if we have the misfortune of having our WhatsApp account stolen, they will never be able to access our contacts, nor the chats we had in the application, since the backup that WhatsApp performs on Android is stored in Google Drive for free, while on the platform of Apple It is stored in iCloud.
In order to access the chats, they not only have to steal the WhatsApp account, but also they would also have to steal the passwords of these platforms, either Google Drive or iCloud, something quite unlikely since they must first know the email account in which they are stored.
How Albert Rivera’s WhatsApp account was stolen
The hacker reported through the application that his phone number was being used by another person. WhatApp, proceeded to send an SMS to the phone number associated with the WhatsApp account in order to Check that you are the rightful owner.
In order to get that verification code, the hackers sent a WhatsApp message to Albert Rivera posing as the messaging platform and urging him to write the code he had received via SMS.
With the confirmation code at your disposal, the harks could register the telephone number of Albert Rivera and begin to use it as if it were the leader of Citizens, and with the consequent damage to its
How to prevent the WhatsApp account from being stolen
Once we are clear to what extent they can access the information we had in the application, below we show you how we can prevent the WhatsApp account from being stolen.
WhatsApp ALWAYS communicates with us via SMS
The messaging platform will NEVER send messages through the messaging platform. ALWAYS do it through an SMS, a method that is also vulnerable due to the neglect of the operators, as we could see a few weeks ago when hthey hacked the CEO account of TwitterJack Dorsey, but it is a much more complex process and requires extensive knowledge.
Activate two-step verification
Many are the services that today offer us the option of two-step verification. Thanks to this method, the platform will request a 6-digit code that we have previously established through this option. If you receive a message, via WhatsApp or SMS asking you about this code, do not think about answering, since you will get the WhatsApp account stolen.
Do not respond to WhatsApp messages that request our data
Many are the users who have associated the WhatsApp account with Facebook and messenger, so they do not need to ask us questions such as the date of birth, the name of our pet, where we were born … typical questions that many internet services ask to be able to recover our account if we have forgotten our advice.
If we give this information through a WhatsApp chat, thinking that it is the messaging platform, we are giving information with which they can access our email accounts where backup copies are found associated to our WhatsApp account. Once they have been made with our phone number, they can restore both contacts and copies of the application chats.
Beware of links
If you have heard about phishing, you know what I am talking about. For a few years, many users receive emails that invite us to click on a link to be able to restore our account password. These links show us a practically traced appearance to the original platform, but The web address does not correspond to the service and invites us to enter our user account together with the password.
If we fill in this information, we can forget about the account, since the hackers will change the access password so Recovering the account will be virtually impossible. Fortunately, current browsers are doing their part and when we visit such a website, it informs us that it can be phishing, but they are not infallible.
Protect access to the application
We never know who may want to access our WhatsApp account, as long as we are not a known person. Sometimes, our friends or family can be our worst enemy. To prevent them from having access to the application to steal our account, we must protect access to the application, either by an unlocking pattern, by fingerprint or facial recognition.
Close all web sessions
That comes up from the previous point. If we have not been careful to protect the application so far, it is likely that another person can have access to all the conversations we are having through your web browser. If you do not usually use this service and want keep them from spying on you, you must close all web sessions that the application shows you as open.
For close all web sessions that we have open, we just have to access the account configuration options and click on WhatsApp Web / Desktop. Within this menu, all web sessions that are open on a computer through the browser will be displayed. By clicking on Close all sessions, all access through a browser will be deleted.