WhatsApp account hacked? This is what you need and must do

South Africans have been warned about a hacking campaign by criminals taking over people’s accounts

WhatsApp is the most popular mobile messaging platform in South Africa, with 93.9% of active social media users using the app, followed by Facebook at 88.6%, TikTok at 76.9% and Instagram at 71.4%, according to Meltwater.com.

WhatsApp

The large number of users and the platform’s popularity makes it a popular playground for criminals.

Suspicious or scam messages can occur when an unsaved WhatsApp user tries to trick you into sharing personal or financial information.

Stolen WhatsApp accounts can be used for spam distribution and scam schemes, prompting users to be wary of cybercriminals who use various methods to gain access to them.

ALSO READ: Time to upgrade: These are some of the smartphones that no longer support WhatsApp

Precautions

Arthur Goldstuck, founder of World Wide Worx, advised South Africans to be cautious when protecting their social media accounts, particularly on WhatsApp.

“WhatsApp hacking is one of the most common forms of getting into people’s identities because people tend to be too trusting of anyone who enters that very personal communication space.

“E-mail phishing is still the most common way of compromising someone’s credentials, but people are getting more and more savvy to that, and the message has got through that you don’t just click on any link that anyone sends you. But in WhatsApp, people are still not used to the idea that someone can hack your account or take over your identity,” Goldstuck said.

WhatsApp hacking

According to Kaspersky, cybercriminals can take control of your WhatsApp account in one of two ways. They either add another device to your account using the “Linked devices” feature or re-register your account on their device as if you’d bought a new phone.

In the former case, you continue using WhatsApp as usual, but the criminals also have access to it, including your recent conversations.

In the second case, you lose access to your account and when you try to log in, WhatsApp notifies you that your account is in use on another device. The attackers can control your account, but won’t have access to your past conversations.

ALSO READ: WATCH: WhatsApp rolls out update with refreshed design for iOS and Android

What to do if your WhatsApp account has been hacked

• Make sure the SIM card linked to your WhatsApp account is inserted in your smartphone.
• Open WhatsApp on the smartphone.

If it opens normally

• Go to the WhatsApp settings: Settings on iPhone, or the additional menu (three dots) on Android. Tap Linked devices.
• Tap each device listed on this page.
• Tap Log Out. This will disconnect all additional devices from your account and cut off the attackers.
• If the messenger tells you that you’re logged out and need to register
• Enter your phone number.
• Request a one-time registration code.
• Wait for an SMS or a voice call with the code.
• Enter the received code.

Restoration

If your account was protected with a two-step verification PIN, after entering the one-time registration code, enter your PIN as well.

WhatsApp may offer to restore your chats and settings from a backup in iCloud, Google Drive, or local storage. Accept!

If you hadn’t previously set a two-step verification PIN, but WhatsApp requests it after you enter the one-time code, the attackers may have set a PIN to prevent you from regaining access to your account.

The PIN can be reset using the Forgot PIN

E-mail address

If an email address is linked to your WhatsApp account, you’ll receive a PIN reset link instantly. Go to your email, open the latest message from WhatsApp, tap the link inside, and then tap Confirm. After this, you can return to WhatsApp and set a new PIN.

If you hadn’t linked an email address, you can still request a PIN reset, but you’ll have to wait a week before the PIN is removed. During this time, your WhatsApp account will remain inaccessible. After a week, you can log back in to your account following the instructions above.

Once you’ve completed these steps, the attackers will be disconnected from your account.

ALSO READ: WATCH: Meta releases new AI assistant on WhatsApp, Facebook and Instagram

Protection

To protect your WhatsApp account, enable two-step verification in WhatsApp and memorise your PIN — it’s not a one-time code. To do this, go to Settings → Account → Two-step verification.

Never, ever share your PIN or one-time registration codes with anyone. Only scammers ask for these details.

WhatsApp recently introduced support for passkeys. If you enable this option (Settings → Account → Passkeys), logging in to your account will require biometric authentication, and instead of PIN codes, your smartphone will store a long cryptographic key.

This is a very secure option, but it may not be convenient if you frequently change devices and switch between Android and iOS.

If you get a suspicious call, hang up the call or stop replying to the user. If you can’t verify the contact’s identity, do not share any personal or financial information.

Block the user to stop them from contacting you, and report them to WhatsApp.

Sim swap scam

Make sure you haven’t fallen victim to a SIM swap scam. Contact your mobile carrier — preferably in person — and verify that no duplicate SIM cards have been issued for your number recently.

Also, ensure that there is no unauthorised call forwarding set up on your number. Cancel any suspicious changes and ask the staff about additional security measures for your SIM card.

These may include prohibiting SIM-related actions without your presence, requiring an additional password for authentication, or other security measures.

NOW READ: Zuckerberg downplays Meta’s alleged abuse of power to acquire Instagram and WhatsApp [VIDEO]