ISLAMABAD – Cybercriminals hack WhatsApp accounts for various purposes, ranging from spam distribution to financial frauds.
To gain control of a WhatsApp account, hackers either add another device to an existing account using the “Linked devices” feature, or re-register the account on their own device as if the user had bought a new phone.
In the first case, both the victims and the hackers enjoy access to WhatsApp at the same time. In the second case, the user loses access to their personal account. When trying to log in, WhatsApp notifies him/her that the account is already in use on another device.
On noticing any unusual activity, such as receiving replies to messages that one didn’t send, or if friends complain about strange messages coming from your account, there is a need to take steps to protect privacy immediately.
“These steps include logging out on all other devices except your phone, as well as informing your friends and family – in a call, an update of your WhatsApp status, or on social networks – warning not to trust messages from the hacked account and not to send money,” said Hafeez Aziz, technology expert at Kaspersky in Pakistan.
To save WhatsApp account from hackers, user should enable two-step verification and memorize PIN, which is not a one-time code.
To do this, go to Settings → Account → Two-step verification. Never, ever share your PIN or one-time registration codes with anyone. Only scammers ask for these details.
WhatsApp has also introduced support for passkeys recently. On enabling this option (Settings → Account → Passkeys), logging in to account will require biometric authentication. Instead of PIN codes, smartphone will store a long cryptographic key. This is a very secure option, but it may not be convenient if you frequently change devices and switch between Android and iOS.
Set up a backup email address for recovery: Settings → Account → Email address. If you’ve already added an email address, log in to your email account and change your password to a strong, unique one. To store it securely, use a password manager, such as Kaspersky Password Manager. Enable two-factor authentication for your email account also.
Make sure you haven’t fallen victim to a SIM swap scam. Contact your mobile carrier — preferably in person — and verify that no duplicate SIM cards have recently been issued for your number. Also, make sure there’s no unauthorized call-forwarding set up on your number. Cancel any suspicious changes and ask the staff about additional security measures for your SIM card.
Any security measures in WhatsApp will be of little use if your smartphone or computer is infected with malware. Therefore, be sure to install comprehensive protection like Kaspersky Premium on all your devices.
