before the wave of whatsapp account theft In Mexico, the messaging service announced that it will tighten security to prevent Tipsing. The new method requires an extra step when receiving the verification code six digits with a phone call.
Starting today, users they will have to answer the automated call and press the number 1 to receive the code. User interaction is essential because if the call is forwarded to voicemail, the verification code will not be stored.
The tweak is due to a security flaw that attackers take advantage of to steal WhatsApp accounts. When we reinstall the application or change the phone, it is essential to reactivate it with a security code sent by SMS or phone call.
If the victim does not notice the message or does not answer the call, the PIN code is sent to voicemail. Later, Tipser accesses voicemail remotely, an option offered by some operators. Voicemails often use four-digit passwords that are brute-forced or, in the worst case, not protected at all.
Account theft is a constant in Mexico
The scam rose to prominence in late 2021 when it was revealed that the governors of Oaxaca and Sonora had been victims of account theft. Alejandro Murat and Alfonso Durazo reported the Tips on their social media and communication channels and asked not to respond to messages.