Hackers locked my dad out of WhatsApp – need advice

Question

So about 5 hours ago someone managed to transfer my dad's WhatsApp account to another phone. We're currently locked out of phone and SMS verification because this has been requested too many times. I know this is a bit of a long shot, but does anyone know who I could contact to find out what is going on? I'm really worried that they might be trying to collect PII on him to mount a social engineering attack in the future.

philtar · Accepted Answer

I emailed whatsapp about this a while back and they said it was a non-issue.
How this happens:
1. Hacker adds phone number to their own whatsapp. They do this to thousands/tens of thousands of phone numbers.
2. All of those phone numbers receive an SMS with the OTP to activate whatsapp. In that OTP, there's also a link that will activate whatsapp if you click it. "Enter code XXXXXX or click this link to activate whatsapp on your new phone"
3. Someone, somewhere eventually clicks that link.
4. Hackers take whatsapp account. Add two-factor authentication to it so that you can't take it back by reauthenticating normally.
5. Extortion.
People usually get it back by contacting whatsapp.

shail_official · Answer

Please reach out to the product security team at Facebook.

tsjq · Answer

Is his sim card working, or have they done a sim swap attack?