For more headlines like this, please subscribe to Afrihkanews.com
In the past month, there have been a number of phone fraud cases in Hong Kong involving fraudulent use of messaging software accounts.
The Office of the Privacy Commissioner for Personal Data announced yesterday (5th) that it had received reports from five social welfare organizations and schools stating that their WhatsApp accounts had been compromised, and scammers used these accounts to send messages to contacts in their address books. Trying to trick them into offering money.
The incidents affected nearly 900 people, including beneficiaries, students, parents and staff, whose personal information such as names and mobile phone numbers were compromised.
According to the office, scammers will pose as relatives and friends of the victim through WhatsApp messages and ask the victim to forward the account verification code. Alternatively, they will use a fake WhatsApp website to trick victims into providing a phone number and account verification code, allowing the scammer to access their account. The scammer then impersonates the victim and sends messages to their contacts in an attempt to extort money or personal information.
To enhance security, the office urges citizens to enable the two-step verification feature in WhatsApp, regularly check connected devices in the app settings, and log out of devices that are no longer used or familiar to them. It also recommends not sharing passwords or verification codes with others.
When searching for WhatsApp Web online, individuals should exercise caution and avoid clicking on fake WhatsApp Web. If someone receives a message on WhatsApp asking for payment, transfer, or personal information, they must verify the identity of the sender before taking any action.
In addition to the WhatsApp account theft incident, the Hong Kong Computer Emergency Response Team Coordination Center also warned about the increasing number of phishing traps targeting instant messaging platforms such as WhatsApp.
According to the Office of the Privacy Commissioner, the affected organizations have informed affected individuals of these incidents. The modus operandi of WhatsApp hijacking typically involves scammers posing as an acquaintance or loved one of the victim and using a fake WhatsApp website to obtain their phone number and application registration code.
Once a fraudster gains access to an account, they try to trick the victim's contacts by sending messages. In some cases, hackers use QR codes to create fake login pages to gain unauthorized access to victims' accounts. These fraudulent web pages are often promoted through paid advertising to appear prominently in search engine results.
By scanning the QR code, hackers can access the victim's account, including photos, videos, documents, chats, and contacts. They can also impersonate victims and use their accounts to send messages to contacts, including requesting fund transfers.
Cybersecurity experts urge the public to verify URLs of instant messaging platforms before logging in and to avoid clicking on links from unknown sources, including search engine ads. It is also recommended to check if there are any unfamiliar devices associated with their account and to regularly check archive folders for any signs of malicious activity.
If personal information may have been compromised, individuals are encouraged to lodge a complaint with the Office of the Privacy Commissioner.
Last year, WhatsApp was embroiled in a data scandal, with reports that the mobile numbers of nearly 500 million users, including about 3 million in Hong Kong, were leaked and put up for sale on a prominent online hacking forum.
Meta, however, denied the allegations, saying the report was speculative and unsubstantiated. The company found no evidence of a data breach on WhatsApp systems.
5个组织和学校的WhatsApp帐户被黑,近900人的个人数据被泄露
过去一个月,香港发生多起涉及冒用通讯软件账户的电话诈骗案件。
个人资料私隐专员公署昨日(5日)公布,接获五间社会福利机构及学校举报,指其WhatsApp账户遭盗用,诈骗者利用这些账户向其通讯录内的联系人发送讯息。 试图诱骗他们提供金钱。 这些事件影响了近 900 人,包括受益人、学生、家长和工作人员,他们的姓名和手机号码等个人信息被泄露。
据该办公室介绍,诈骗者会通过WhatsApp消息冒充受害人的亲友,要求受害人转发账户验证码。 或者,他们会使用虚假的 WhatsApp 网站诱骗受害者提供电话号码和帐户验证码,从而使诈骗者能够访问他们的帐户。
然后,诈骗者冒充受害者并向他们的联系人发送消息,试图勒索金钱或个人信息。
为了增强安全性,该办公室敦促公民启用 WhatsApp 中的两步验证功能,定期检查应用程序设置中的连接设备,并注销不再使用或不再熟悉的设备。 它还建议不要与他人共享密码或验证码。
在线搜索 WhatsApp Web 时,个人应谨慎行事,避免点击假冒 WhatsApp Web。 如果有人在 WhatsApp 上收到要求付款、转账或个人信息的消息,他们必须在采取任何行动之前验证发件人的身份。
除了WhatsApp帐户被盗事件外,香港电脑紧急应变队协调中心也警告称,针对WhatsApp等即时通讯平台的网络钓鱼陷阱日益增多。
据隐私专员办公室称,受影响的组织已将这些事件告知受影响的个人。 WhatsApp 劫持的作案手法通常涉及诈骗者冒充受害者的熟人或亲人,并使用虚假的 WhatsApp 网站获取他们的电话号码和应用程序注册码。
一旦欺诈者获得了帐户的访问权限,他们就会尝试通过发送消息来欺骗受害者的联系人。 在某些情况下,黑客使用二维码创建虚假登录页面,以未经授权访问受害者的帐户。 这些欺诈性网页通常通过付费广告进行推广,以显着地出现在搜索引擎结果中。
通过扫描二维码,黑客可以访问受害者的帐户,包括照片、视频、文档、聊天记录和联系人。 他们还可以冒充受害者并使用其帐户向联系人发送消息,包括请求资金转账。
网络安全专家敦促公众在登录之前验证即时通讯平台的网址,并避免点击来自未知来源的链接,包括搜索引擎广告。 还建议检查是否有任何不熟悉的设备与其帐户关联,并定期检查存档文件夹是否有任何恶意活动的迹象。
如果个人信息可能遭到泄露,我们鼓励个人向隐私专员办公室提出投诉。
去年,WhatsApp 卷入数据丑闻,有报道称近 5 亿用户的手机号码被泄露,其中包括香港的约 300 万用户,并在一个著名的在线黑客论坛上出售。 然而,梅塔否认了这些指控,称该报告是推测性的且未经证实。
该公司没有发现 WhatsApp 系统存在数据泄露的证据。
Comments