OTP scam or One-time Password scam is quite familiar among the WhatsApp users this time around. A phone-hacking scam has been making its way around on the app. It is a trick designed by hackers to gain illegal access to the accounts.
An OTP is an automatically generated thread of characters or numbers that authenticates a user for a single login attempt.
According to the Bhutan Computer Incident Response Team (BtCIRT), a hacker, through a friend or unknown number will try to get access to its victim’s account by sending an OTP and then asking to share it, claiming that he or she is in an emergency.
”If an account gets hijacked, the hacker will use the contact in the account to send an OTP. The hacker will convince the friend and ask for the six-digit code, which the friend will do without a doubt. And her account gets hacked,’’ said Dechen Chhoeden, an IT Officer with BtCIRT.
By doing so, the hacker will get access to all the contacts, documents, conversations, and data from the account and use it to harvest all possible gains. However, users can surpass the scam by refraining from sharing the OTP, in case they receive one, and authenticating that it is not a scam.
Likewise, a user can also make one’s account more secure by enabling two-factor authentication. According to Dechen Choden, two-factor authentication will give an account the second layer of security.
She added, ”a strong username and password is the first layer authentication. The two-factor authentication will require a user to enter two distinct forms of identification such as the Personal Identification Number (PIN) or a thumbprint.’’
BtCIRT officials added if victimized by such a scam, reinstalling and resetting the app will save a great deal of damage.
Meanwhile, in recent times, several other scams have also been doing round on various social media platforms promising certain gifts and cash. People are advised not to click any links received through SMS, emails, and instant messaging apps that claim such offers.
Sonam Pem