Nigeria’s National Information Technology Development Agency (NITDA), has issued some advisory based on the alleged leak of nearly 500 million Whatsapp users’ mobile phone numbers globally, including over 9million contacts from Nigeria.
The advisory on ‘WhatsApp Leak’, NITDA said, is part of its role to protect the Information and Communications Technology space and users in Nigeria.
The ICT policy implementing arm of the Nigerian government noted that it decided to issue the advisory because there is an impending danger of threat actors using these data to carry out malicious activities, which may put users at great risk.
“Such information could be used to perpetrate cyber-attacks such as smishing and vishing,” it said.
It explained that Smishing involves sending an unsuspecting users text message(s) and asking them to click on links or provide personal information which can be used to scam victims or to launch other attacks, while Vishing on the other hand, entails the use of phone calls or voice messages by cyber criminals to manipulate or deceive unsuspecting recipients into revealing or giving out sensitive information, which could be used to carry out fraudulent acts.
In this regard, the National Information Technology Development Agency’s Computer Emergency Readiness and Response Team (NITDA-CERRT) is alerting the public, most especially instant messaging platform users to be wary of unsolicited calls, voice notes and messages from unknown numbers.
Also, in order not to fall victim, users are encouraged to be mindful and adhere to the tips below.
They are:
- Enable two-factor authentication on your instant messaging app
- Do not reveal personal information on your profile
- Do not respond to requests from untrusted or unknown contacts, asking for your personal data, passwords or other verification code via messages or calls.
Several news media, including Cybernews have it last week reported that mobile phone numbers of nearly 500 million WhatsApp users from 84 countries were allegedly stolen and are on sale on the Dark Web. But WhatsApp through its spokesperson said that the report is based on unsubstantiated screenshots” and that there is “no evidence of a ‘data leak’.
Background
TechEconomy had reported that the dataset allegedly contains WhatsApp user data from 84 countries. Threat actor claims there are over 32 million US user records included.
Another huge chunk of phone numbers belongs to the citizens of Egypt (45 million), Italy (35 million), Saudi Arabia (29 million), France (20 million), and Turkey (20 million).
The dataset for sale also allegedly has nearly 10 million Russian and over 11 million UK citizens’ phone numbers.
The threat actor allegedly said they were selling the US dataset for $7,000, the UK – $2,500, and Germany – $2,000.