CloudSEK has warned of an ongoing WhatsApp one-time password (OTP) scam that could allow threat actors to hijack user accounts through phone calls. The attacks are currently targeting WhatsApp users in India. The attackers call the victims and trick them into making a call to a number starting with 67 or 405. The number dialled by the victims is a service request for Jio and Airtel to do call forwarding when a mobile user is busy. This enables the attackers to trick victims into enabling the call forwarding to a number under their control. The threat actors then start the WhatsApp registration process for the victim’s number, asking them to send the OTP via the call. After a few minutes, the user’s WhatsApp account is logged out and the attackers can take complete control of the account.
Source: https://securityaffairs.co/wordpress/131807/hacking/whatsapp-otp-scam.html
