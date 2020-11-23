Sections
WhatsApp ‘OTP scam’: What is it and how not to fall prey

Hackers and scammers have devised a new strategy to target WhatsApp users: a one-time password (OTP).

Updated: Nov 23, 2020, 15:37 IST

By hindustantimes.com | Edited by Karan Manral, Hindustan Times New Delhi

A logo of WhatsApp (REUTERS/File Photo)

Almost everyday, one comes across a scam being carried out through social media. Similarly, WhatsApp, which is one of the world’s most popular messaging platforms, is attacked by scammers time and again. No wonder then, they have found yet another way to target WhatsApp users, this time through the one-time password (OTP).

How does the ‘OTP scam’ work?

To set up WhatsApp on a new smartphone, one needs to enter his/her registered phone number. Once this is done, WhatsApp sends an OTP to the phone number; one has to type in this OTP to set up WhatsApp. However, it is important to note here that WhatsApp sends an OTP only if prompted by a user.

It is this feature hackers and scammers are using to target WhatsApp users. The scammers pretend to be friends or family members and send “messages,” sometimes describing an “emergency” to grab one’s attention. Once this is done, they’ll send a WhatsApp message asking for an OTP, which, they’ll say, has been forwarded “accidentally.” The moment this OTP is shared with the hacker, the user gets locked out of their WhatsApp account and the hacker takes over it completely.

The hacker can now send a message from the person’s WhatsApp account to all the contacts and continue with the scam.

What to do if WhatsApp account is hacked?

If somehow one falls prey to this scam, they need to immediately reset their WhatsApp account and log in again by entering their number and receiving an OTP. Logging into WhatsApp with this OTP locks the hacker out.

How not to fall prey to this scam?

Since WhatsApp does not send an OTP without being prompted, one should ignore an OTP sent on their number if they have not asked for it. Check with friends or family members on receiving a message from their number asking for an OTP. Activating two-step authentication is also helpful in preventing one from falling prey to this scam.

