ZRP has warned people to be wary of deals started and concluded solely on social media as there has been an increase in cases of fraud involving social media. In a recent case, a scammer used someone else’s Econet Line to register for WhatsApp and managed to swindle his/her victims of about $2.5 million ZWL. It’s not clear whether the money has been recovered or not.
The ZRP is investigating a case of fraud where an unknown suspect hacked mobile number 0772967506 on 16/02/22 and accessed some WhatsApp groups where he advertised for an exchange of RTGS transfer for USD currencies.
Several family members responded positively and $2 580 000 was deposited into ZB Bank account numbers 4506676529200, 4506301678200 and 4528281444200.
After depositing the money, one of the victims tried to call the number and it was not being answered prompting him to alert the bank and freeze the mentioned account numbers.The ZRP’s statement on the issue
Probably not hacking but social engineering
The ZRP post describes the act used to acquire access to WhatsApp as hacking. It’s probably more likely that the criminal used social engineering. Usually, it involves tricking the real owner of the Econet line to send the criminal their WhatsApp SMS code. Once the criminal enters the code they can then gain access to the owner’s Econet WhatsApp account. Such an attack can be easily foiled using 2-factor authentication where the hijacker will also have to enter a secret 6 digit code.
Clearly, the “hacker” in this case is a skilled social engineer which is how they managed to leverage their access to the Econet line by convincing his victims to deposit money into bank accounts under his control. It seems however that the victims here were quick to see through the charade and hopefully they acted fast enough.