I recently moved to a new place and bought a new
mobile connection from one of the cellular providers. Number got activated and then I created a new WhatsApp account. After I successfully opened
my new WhatsApp, daily I started receiving many messages from the people I
never ever met, complete strangers. They thought that the number belongs to a
person, let’s say X. Initially I thought, OK this might be a normal thing
because they might be contacting the person after a long time, and unaware that
the person might have changed his/her number. I started telling them
"wrong number". I have no idea whether the previous owner of this
number was a politician or a famous/infamous person. But I keep getting many
calls and messages intended to that person X. Some added me in to a few
WhatsApp groups (work/personal). Getting frustrated.
People started sending sensitive documents,
personal messages as well. And being a security pro, this led me to write a
post regarding the possible security risks associated with this small 'wrong
number' mistake.
1) A Sender without verifying the receiving person,
or his number started sending sensitive/confidential documents. This is a
mistake from the sender and before you pass anything over any medium of
communication, make sure that the receiver details are correct.
2) Don't add people whom you don't know in to a
WhatsApp group.
3) Better avoid using WhatsApp for your job related
or official purposes. There is a high chance of making a mistake by sending
chats/files to the wrong person/group.
4) Now assume, the receiver is a evil person. He
can impersonate the person, stole his/her identity and can perform social
engineering attacks.
5) The receiver can also misuse the
confidential/sensitive information for illegal purposes.
So how to avoid such incidents?
1) Be cautious. You do your actions carefully. Make
sure, you are communicating with the right person.
If a person is not using his
mobile connection for a period of time, for example 6 months, then the provider
may cease the connection and release the number again in the market.
2) Enable two-step verification.
So that, nobody can create/clone another WhatsApp for the same number on
another device.
3) Don't sent your personal information, work
related data over WhatsApp. I know the world is now running using WhatsApp.
More than office communicator, people rely on WhatsApp. This is very wrong and
unprofessional.
4) In your WhatsApp privacy -> Groups settings,
restrict the people who can add you in to new Groups.
Note: Some old guy started flirting as well. I
guess the previous owner of the number was a female. Though i informed him that
you are sending messages to the wrong person, he acknowledged and the very next
day he started sending me new messages. 😆
I have blocked so many numbers and exited groups.
Now thinking of deleting my WhatsApp. 😤