(Recently, someone impersonated my 70-years old mother on Whatsapp and a few other online messengers. I don’t even know how it is possible to create a Whatsapp account using someone else’s phone number; when I try to create an account, it checks the number by sending me a verification SMS.
One way this happens is to use the social graph: One of your relatives or friends writes you: “I made a mistake and now it sent a verification code to your phone, can you please give me the verification code?”
When your 70-year old mother gets such a message from another 70-year old friend she wants to help her friend and thus passes the verification code along. That verification code can then be used to overtake the account and attack further targets.
If each old person has >10 similar contacts you only need 10% to fall for this to overtake more and more accounts.
Thanks, I learned yet another way to scam people. But no such thing happened. My mother understands the concept of SMS, she says this did not happen, and she keeps the old messages on her phone, I checked them. Someone simply made a Whatsapp account with her phone number without her receiving any SMS message. I have no idea how that is possible—but that is exactly my point. (And, as usual, Whatsapp does not have any customer service that we could contact and ask.)
She already changed her number, so unless the same thing happens again, we consider this problem solved. It was just an illustration how difficult to understand things are (even for an IT guy such as me).
Alternative explanation: Your mother did participate in the scam in some way and is too embarrassed to admit it.
(You know your mother better than I do. I’m just saying this might have happened and you might not have considered it.)
One way this happens is to use the social graph: One of your relatives or friends writes you: “I made a mistake and now it sent a verification code to your phone, can you please give me the verification code?”
When your 70-year old mother gets such a message from another 70-year old friend she wants to help her friend and thus passes the verification code along. That verification code can then be used to overtake the account and attack further targets.
If each old person has >10 similar contacts you only need 10% to fall for this to overtake more and more accounts.
Thanks, I learned yet another way to scam people. But no such thing happened. My mother understands the concept of SMS, she says this did not happen, and she keeps the old messages on her phone, I checked them. Someone simply made a Whatsapp account with her phone number without her receiving any SMS message. I have no idea how that is possible—but that is exactly my point. (And, as usual, Whatsapp does not have any customer service that we could contact and ask.)
She already changed her number, so unless the same thing happens again, we consider this problem solved. It was just an illustration how difficult to understand things are (even for an IT guy such as me).
Alternative explanation: Your mother did participate in the scam in some way and is too embarrassed to admit it. (You know your mother better than I do. I’m just saying this might have happened and you might not have considered it.)