Protect Your WhatsApp from Hackers—These 3 Urgent Steps Can Save You Today!
- Replies 0
As the holiday season approaches, festive spirit is on the rise, as is scammer activity looking to exploit increased digital communication among friends and family. With its massive user base, WhatsApp has become a prime target for these cyber criminals. The platform's convenience and widespread use make it an attractive avenue for nefarious activities, particularly account hijacking through social engineering tactics.
The pattern is chillingly familiar: scammers trick users into sharing their six-digit setup codes, which WhatsApp sends via text when they attempt to transfer their account to a new phone. Falling for this scam can lead to problems, from stolen accounts to further scams perpetrated against your contacts.
To safeguard your WhatsApp account during the holiday season and beyond, there are three critical security measures you must implement immediately if you haven't already:
1. Enable Two-Step Verification:
WhatsApp refers to its multifactor authentication (MFA) as 'two-step verification.' This feature adds an extra layer of security by requiring a personal PIN and the six-digit code sent by WhatsApp when registering your phone number on a new device. To activate this, go to Settings > Account within the WhatsApp app.
2. Register an Email Address with Your Account:
Adding an email address to your WhatsApp account is another step towards securing your digital identity. This can be crucial for account recovery purposes. While it doesn't prevent account takeovers like MFA does, it's an important recovery tool. Add your email address to the app's Settings > Account section.
3. Set Up a Passkey:
If your device supports it, establishing a Passkey can link your WhatsApp login to your biometric authentication, such as a fingerprint or facial recognition. This acts as a physical key of sorts, making unauthorised access more difficult. Remember, this doesn't negate the need for MFA, which remains the strongest defence against account hijacking.
Jake Moore from ESET emphasises the importance of activating two-step verification, which is only sometimes enabled by default. By adjusting your settings, you significantly reduce the risk of a threat actor taking over your account and using it to target others.
In addition to these three steps, it's vital never to share any codes sent to your phone with anyone. Scammers often pose as legitimate entities to coax these codes from unsuspecting victims. Be vigilant and sceptical of any such requests.
A word of caution: having a passcode on your phone often means that anyone with access to it could potentially access your WhatsApp messages. To counter this, you can use the security features in iOS 18 and Android 15 to hide or secure apps from prying eyes. WhatsApp also offers the option to create a secret chat vault that is protected by a separate code.
Finally, if you receive a message from a contact asking for money or sensitive information, verify the request through another communication method, such as a Signal or a direct phone call. This extra step can help confirm the legitimacy of the request.
By following these steps and remaining cautious, you can enjoy the holiday season with peace of mind, knowing that your WhatsApp account is secure. Remember, staying informed and proactive about your digital security is the best gift you can give yourself and your loved ones.
The pattern is chillingly familiar: scammers trick users into sharing their six-digit setup codes, which WhatsApp sends via text when they attempt to transfer their account to a new phone. Falling for this scam can lead to problems, from stolen accounts to further scams perpetrated against your contacts.
To safeguard your WhatsApp account during the holiday season and beyond, there are three critical security measures you must implement immediately if you haven't already:
WhatsApp users warned of increased scamming activity during the holiday season, focusing on hijacking accounts through six-digit set-up codes. Credit: Depositphotos
1. Enable Two-Step Verification:
WhatsApp refers to its multifactor authentication (MFA) as 'two-step verification.' This feature adds an extra layer of security by requiring a personal PIN and the six-digit code sent by WhatsApp when registering your phone number on a new device. To activate this, go to Settings > Account within the WhatsApp app.
2. Register an Email Address with Your Account:
Adding an email address to your WhatsApp account is another step towards securing your digital identity. This can be crucial for account recovery purposes. While it doesn't prevent account takeovers like MFA does, it's an important recovery tool. Add your email address to the app's Settings > Account section.
3. Set Up a Passkey:
If your device supports it, establishing a Passkey can link your WhatsApp login to your biometric authentication, such as a fingerprint or facial recognition. This acts as a physical key of sorts, making unauthorised access more difficult. Remember, this doesn't negate the need for MFA, which remains the strongest defence against account hijacking.
Jake Moore from ESET emphasises the importance of activating two-step verification, which is only sometimes enabled by default. By adjusting your settings, you significantly reduce the risk of a threat actor taking over your account and using it to target others.
In addition to these three steps, it's vital never to share any codes sent to your phone with anyone. Scammers often pose as legitimate entities to coax these codes from unsuspecting victims. Be vigilant and sceptical of any such requests.
A word of caution: having a passcode on your phone often means that anyone with access to it could potentially access your WhatsApp messages. To counter this, you can use the security features in iOS 18 and Android 15 to hide or secure apps from prying eyes. WhatsApp also offers the option to create a secret chat vault that is protected by a separate code.
Finally, if you receive a message from a contact asking for money or sensitive information, verify the request through another communication method, such as a Signal or a direct phone call. This extra step can help confirm the legitimacy of the request.
