Khaberni - The Cyber Security Council of the UAE government has warned "WhatsApp" users of what is known as the "Zero-Day" attack, confirming that it is one of the most dangerous types of cyberattacks, and that a single call from an unknown number is sufficient to breach the user's account without them needing to answer it.
The Council explained that the "Zero-Day" attack involves a security vulnerability unknown to developers; it is exploited by the attacker before it is discovered or an update is released to fix it, meaning it exists from the first day the app is launched. Attackers leverage these vulnerabilities for spying, data theft, or silently monitoring devices.
The Council assured that this vulnerability allows an attacker to access photos and conversations, and monitor the user without their knowledge, urging application users to adhere to a number of preventive measures, notably:
- Regularly update the application.
- Avoid clicking on suspicious links or downloading files from untrusted sources.
- Block calls from unknown numbers.
- Use reliable protection applications
- Enable the two-step verification feature in "WhatsApp" settings
- Only take security information from official sources recognized by the state.
Phishing websites
The Cyber Security Council of the UAE government has warned against fraudulent and insecure websites, such as phishing sites and electronic spying, urging members of the UAE community to verify the link of any website before entering it.
The Council detailed four warning signs that indicate when a user is about to enter a fraudulent site: spelling errors or substituted letters in the link, absence of HTTPS at the beginning of the link, no lock symbol displayed, and the use of uncommon domain extensions such as: (.xyz), (.kom), (.photo), (.eu.biz).
The Council has urged internet users to ensure the safety of any website before entering it through the following link: https://staysafe.csc.gov.ae, to ensure the protection of their information and data.
