WhatsApp boasts the world’s most secure encryption, but hackers can use social engineering to make their way into your chats – through you, the user. Here’s how to stay one step ahead and keep your data safe on WhatsApp.
WhatsApp, the secure messenger acquired by Facebook in 2014, currently has over 2 billion active users. These users are all protected by end-to-end encryption that keeps their chats safe from prying eyes — in fact WhatsApp is also unable to see the contents of your messages. This is thanks to the encryption protocol created by the developers of Signal Messenger, which has been implemented in WhatsApp.
While end-to-end encryption and protect users from hackers trying to read their messages over the network, hackers still manage to get the information they need from users. WhatsApp authenticates users based on their phone number, sending a verification code over SMS. As part of the scheme to “hack” a user’s account, many WhatsApp users have received scam calls and messages in the past, from malicious users who ask for “help” while posing as a known person.
This “social engineering” usually includes asking for a verification code along with excuses such as “their phone network is unavailable”. Soon after the user shares the six-digit code, the hacker gains access to their account.
Unfortunately, while you might think many users would not fall for such a scam, the reality is that many people who do not understand the way verification codes work, think they are helping their friend, but are actually handing full control of their account to the attacker. Once the attacker is in, they can simply transfer the number (along with all your groups) to another number and delete your original account. They can also pretend to be you, while cheating your friends out of their accounts too.
If you want to prevent all of the above from happening to you, here are the steps to securing your WhatsApp account. The first step is to simply decline any requests from anyone claiming to be your friend, asking for a verification code — no matter the reason.
Enable two-step verification
This setting is by far the most important setting users must enable on their WhatsApp account in order to protect themselves from hackers. The setting allows you to set a six digit PIN on your account, that will be used to unlock your account after you receive your SMS verification code. Even if a hacker manages to get hold of your SMS code, they will not be able to log in to your account if they do not have this code.
Step 1) Go to WhatsApp Settings, tap on Account and then tap on Two-Step verification.
Step 2) Now enable the setting and enter a PIN. You will need to reenter the PIN to make sure you entered it correctly.
Step 3) WhatsApp has saved your PIN at this point, but it will keep asking you to enter your PIN from time to time just to ensure that you do not forget it and get locked out of your own account.
Double check your privacy settings
While these settings are not directly related to hackers taking control of your account, they can give attackers a very good idea of who you are and the people you are in contact with, which can be users for social engineering. To prevent this from happening, you should set your privacy settings to keep your personal information out of the hands of hackers and unscrupulous elements.
Step 1) Go to WhatsApp Settings and tap on Account and tap on Privacy.
Step 2) Now check settings for Last Seen, About, Profile Photo and Status. Make sure these are all set to “My contacts” to ensure no one who you do not know can see this information.
Step 3) Make sure that you block any messages from unknown senders asking for personal information and report them to WhatsApp using the in-chat menu.