Kaspersky issues guidelines to prevent WhatsApp account from being hacked

ISLAMABAD: Cybercriminals may also target users’ messaging app accounts. Stolen WhatsApp accounts are exploited for various criminal activities, ranging from distributing spam to executing complex scam schemes aimed at financial fraud. Cybercriminals are constantly on the lookout for WhatsApp accounts and use different techniques to gain access to them.

There are two primary methods through which cybercriminals can take control of a WhatsApp account: they can either link another device to an existing account via the “Linked devices” feature or re-register the account on their own device, as though the user has switched to a new phone. In the first scenario, the user continues to use WhatsApp as usual, but the criminals can access all recent conversations. In the second case, the user loses access to their account. When attempting to log in, WhatsApp will notify the user that the account is in use on another device, and the attackers gain control of the account, though not the previous messages.PTA Launches its Official WhatsApp Channel

“Instant messaging platforms often contain not only personal details about our lives and relationships but also work-related information, which in some cases may include confidential data. If you notice any unusual activity, such as receiving responses to messages you didn’t send, or if your friends report strange messages from your account, it’s crucial to act quickly to protect your privacy. This can include logging out of all other devices except your phone and notifying your friends and family — through a call, WhatsApp status update, or social media — advising them not to trust messages from the hacked account and not to transfer any money,” advises Hafeez Aziz, technology expert in Pakistan at Kaspersky.

For instructions on what to do if your WhatsApp account has already been compromised, and to prevent future hacking, users should activate two-step verification on WhatsApp and remember their PIN, which is not a one-time code. To do this, go to Settings → Account → Two-step verification. Never share your PIN or one-time registration codes with anyone, as these are typically requested by scammers.

WhatsApp has recently introduced support for passkeys. Enabling this feature (Settings → Account → Passkeys) will require biometric authentication to log into your account, and instead of PIN codes, your smartphone will store a long cryptographic key. This is a very secure option, though it might not be convenient for users who frequently change devices or switch between Android and iOS.

Set up a backup email address for account recovery: Settings → Account → Email address. If you’ve already registered an email address, log in to your email account and change its password to a strong, unique one. To store it securely, consider using a password manager, such as Kaspersky Password Manager. Also, enable two-factor authentication for your email account.

Ensure that you haven’t fallen victim to a SIM swap scam. Contact your mobile carrier — ideally in person — and verify that no duplicate SIM cards have been issued for your number. Additionally, ensure that there is no unauthorized call-forwarding set up on your number. Cancel any suspicious changes and inquire about further security measures for your SIM card.

Any security measures on WhatsApp will be ineffective if your smartphone or computer is infected with malware. Therefore, it is essential to install comprehensive protection like Kaspersky Premium on all your devices.