They could suffer ‘smishing’ or ‘vishing’ attacks, among others
The database leak It can lead to numerous consequences of varying severity, including the free access from cybercriminals to information susceptible to being stolen, as well as the origin of malicious campaigns that can endanger the security of users and organizations.
CyberNews recently broke the news that a group of cybercriminals has allegedly stolen and put up for sale the hacking community forum BreachForums millions of mobile phones with a WhatsApp account from all over the world.
Around 11 million people affected would be Spanish, but the database put up for sale is close to 500 million numbers. Although from WhatsApp they do not believe that a hack to their platform is justified, the presence of these numbers exposes their owners to different cyber risks.
According to the aforementioned media, these malicious actors would have done so with the aim of implementing, among other things, attacks of ‘smishing’ and ‘vishing’ -which involve impersonation through an SMS or a call, respectively-, as well as to impersonate other users and commit fraud, malicious techniques that multiply in companies and organizations.
“Once cybercriminals have the telephone numbers and other means of contact and sell them, attacks such as ‘vishing’ or ‘smishing’ have a very large potential to multiply”, comments the technical director of Check Point Software for Spain. and Portugal, Eusebio Nieva, in line with what happened.
Describing both as “very dangerous” because cyberfraudsters “can gain access to business data through them”, Nieva points out that they can even “deceive an employee to perpetrate an economic robbery”.
This type of attack increases on dates of massive purchases, such as the black friday or the cyber monday, as well as during sales initiatives of the brands themselves, such as Amazon Prime Day.
So much so that, according to a study published by the cybersecurity company last July, ‘phishing’ emails related to the company founded by Jeff Bezos increased by 86 percent during the celebration of this event.
Leaking data from other accounts
The filtering of millions of whatsapp numberssubsequently put up for sale on dedicated online hacking forums, often leads to other user accounts being stolen.
“It happens especially if we have the credentials of one of them and we have the same in the others”, points out the technical director of Check Point, who insists on the need to have an exclusive credential for each account.
“Sometimes it may seem cumbersome to remember all of them, but if we select a good password manager, it can make the task much easier,” he adds, recalling the importance of having authentication systems.
“It is important to implement the factor of double authentication in all the services, since in this way if someone tries to access from another point, they will be blocked and we will be able to avoid the attack”, concludes Nieva.