How to secure your whatsapp account from being hacked


How to secure your WhatsApp account from social hacking

Skip to main content

The VergeThe Verge logo.

The Verge homepage

The VergeThe Verge logo.
  • Tech/
  • Facebook/
  • Reviews

/

Set up a PIN before someone else gets the chance

By Jon Porter / @JonPorty

|

Share this story

Photo by Thomas Ricker / The Verge

Facebook’s WhatsApp messaging service is incredibly easy to set up, but this easy setup process means that your account is open to abuse if you’re not careful. Thankfully, it’s fairly simple to enable an extra layer of security on your account, which means that you won’t lose it if your six-digit activation code gets compromised.

These security options unfortunately won’t stop you from a serious hack such as the one that hit Amazon CEO Jeff Bezos. What it will do is offer another layer of protection if someone manages to trick you into sharing your security code, which is a process known as “social hacking.”

If you need any convincing about why it’s a good idea to use this extra security, then allow me to share a friend’s recent experience about what can go wrong when you don’t.

Bleary-eyed one Sunday morning, she received a WhatsApp message from a close friend that asked if she could forward over a six-digit code that she was just about to receive via SMS. Without thinking, and because she trusted her friend, she sent over the code and suddenly found herself logged out of her WhatsApp account. 

Never share your six-digit WhatsApp verification code with anyone

You probably realized what happened. That wasn’t just any six-digit code; it was the six-digit code that WhatsApp sends to your mobile number via SMS to associate with your WhatsApp account. In sharing that number, my friend had inadvertently allowed the attacker to log in to her account.  

Since her attacker now had control of her account, they were then able to send messages from it to any contacts she was in the same group chat with. That’s how the attacker was able to ask for my friend’s six-digit verification code via another friend’s number; they’d gained control of that account as well and used it to message every contact they could, trying to rope them into the scam.

In theory, having your WhatsApp account taken over should be a fairly easy situation to resolve: just enter your phone number into the app and have it send you another six-digit code. The problem is that hackers can spam your number with a bunch of incorrect six-digit codes so that you get locked out of your account for up to 12 hours. Then, if you hadn’t set up a PIN of your own, this leaves an attacker free to set up one of their own on your account, locking you out for seven days in total.

That’s why it’s so important to remember these two rules:

  1. Never share your six-digit WhatsApp code with anyone — not your parents, not your best friend, and definitely not your sibling. No one will ever have a legitimate reason to ask for the code that WhatsApp sends you over SMS, so don’t even think about sharing it.
  2. Should the worst happen, then setting up a PIN will act as another barrier to stop someone from being able to sign in to your account, and it will stop this nightmare from happening to you.

How to secure your WhatsApp account

Somewhat confusingly, the PIN is also six digits long. In order to set it up:

  • Open WhatsApp and tap the three dots on the top right of the screen
  • Hit “Settings” > “Account” and then pick “Two-step verification”
  • Hit “Enable,” and then pick your six-digit PIN. The gallery of screenshots below will walk you through the whole process.
  • This next step isn’t mandatory, but adding an email address will allow you to recover your account if you forget your PIN. WhatsApp will periodically ask you for your PIN while you’re using it so that you don’t easily forget it, but we’d still recommend having a backup.

One more thing: it would be remiss of us if we didn’t mention that, in the past, Facebook (WhatsApp’s parent company) has gotten in trouble for using phone numbers provided for two-factor authentication for ad-targeting. The Federal Trade Commission told the company to stop the practice last year. When we asked WhatsApp, it categorically denied that it does this with its backup email addresses, and we think the benefits of providing an email address outweigh the risks.

Vox Media has affiliate partnerships. These do not influence editorial content, though Vox Media may earn commissions for products purchased via affiliate links. For more information, see our ethics policy.

Most Popular

  1. Apple’s latest AirPods Pro have hit their all-time low at Amazon


  2. In celebration of the dumb phone, a rare sanity-saving gadget


  3. Hatch Restore 2 review: TikTok made me try it


  4. Substack CEO pushes back at Elon, says Twitter situation is “very frustrating”


  5. Chasing rainbows


  • The best robot vacuum you can buy right now

  • Y’all, this laptop is too much

  • Oura Ring Generation 3 review: a relationship for the long term

  • Sony’s new ZV-E1 camera is designed to help your vlogs suck less

Seven tips you can follow to protect your WhatsApp account from hackers

Last week, the big news was about Amazon CEO Jeff Bezos and his phone being hacked by Saudi Arabia. A report coming from the Guardian suggested that Bezos’ phone was hacked via a video file sent on WhatsApp. The report said that Bezos’ mobile phone was hacked by Saudi Arabian prince in the year 2018 and gigabytes worth of data was stolen from the device.

Meanwhile, another report coming from Wall Street Journal revealed that his girlfriend, Lauren Sanchez was the one who had shared her private text messages with the Amazon CEO. Sanchez is believed to have sent the messages to her brother Michael Sanchez, who sold the data to the National Enquirer, which then published a story about Bezos and Sanchez’ affair.

Read here to know everything that happened in Amazon CEO Jeff Bezos’ phone hack case

While there are some issues being raised about the report which states with the ‘medium to high confidence’ that Jeff Bezos’ phone was hacked, it does raise a security fear for regular users. After all, if the phone of one of world’s most powerful man can be hacked, the same can happen to any one of us as well. Here are seven tips you should keep in mind to protect hackers attack you via WhatsApp.

End-to-end encryption

All WhatsApp users should ensure that their chats are end-to-end encrypted. To verify that a chat is end-to-end encrypted, open the chat, tap on the name of the contact to open the contact info screen, and then tap Encryption to view the QR code and 60-digit number. WhatsApp end-to-end encryption ensures that only you and your contact can read the messages that are being exchanged and nobody in between, not even WhatsApp.

Don’t click on any suspicious link

Do you keep getting random links as messages from your contact on WhatsApp? Well, then you should never click on links that you find fishy. In fact, it’s a good idea to first known what the sent link is all about from your contact and then click on it. Some reports suggest that WhatsApp is working on a “suspicious link” feature, which will make it easy for users to find out a certain link is authentic or not.

Tweak those privacy settings

WhatsApp provides various privacy options to the users. The messaging platform provides users with options to choose who they want to share their profile photo, status, and other details with. It’s a good idea to change the Setting to “Contacts only”. This means only phone number that are saved on your smartphone will be able to see your profile photo, status, phone number, and auto-delete status as well.

Advertisement

Deactivate WhatsApp when phone is stolen, lost

Losing phone is a very common phenomenon. In this case, you should ensure to deactivate WhatsApp account before someone else hacks it and gets access to all  your personal data. To deactivate WhatsApp account, go to Settings, Delete my account option, enter phone number, and then click on “Delete my account”.

Remember to log out of WhatsApp Web

We often have the tendency to login to WhatsApp Web at office and then leave the account open on the desktop. This habit can actually create problems for you. Someone else sitting on the same PC can access all your chats without you even realising it. It’s a good practice to Logout from WhatsApp Web before leaving office. It’s just takes seconds to login again. Just scan the code and you’re done.

Lock WhatsApp screen

Try out WhatsApp lock screen option available on Android. This will ensure no one else can but you can open your WhatsApp account. Just head to Settings menu, Privacy, and then select Screen Lock option. You will then need to register your fingerprint. After the process is completed, you will have to scan your fingerprint every time you open the WhatsApp app. This adds an extra layer of security.

Here are some more privacy WhatsApp features. Check out

Advertisement

Two step verification

WhatsApp introduced the “Two-step verification” feature around two years ago. This feature adds more security to your WhatsApp account. To enable two-step verification, open WhatsApp, go to Settings, click on Account, Two-step verification, and enable it. WhatsApp also asks you to enter your correct email address.

Here’s how to enable Two  step verification on WhatsApp

Also Read

WhatsApp mentioned in an official blog that, “this email address will allow WhatsApp to send you a link via email to disable two-step verification in case you ever forget your six-digit PIN, and also to help safeguard your account. We do not verify this email address to confirm its accuracy. We highly recommend you provide an accurate email address so that you’re not locked out of your account if you forget your PIN.” The messaging platform also said, “If you receive an email to disable two-step verification, but didn’t request this, don’t click on the link. Someone could be attempting to verify your phone number on WhatsApp.”

10 ways to securely protect WhatsApp from hacking and wiretapping

Let's talk.

By default, the security of the WhatsApp messenger is so-so. The same goes for privacy. However, fine-tuning will, if not eliminate, then at least minimize the risks. We will teach you how to make the application more secure and help protect the privacy of your correspondence.

1) Turn on two-factor authentication

Launch the messenger, go to "Settings", then to "Account", click on "Two-step verification", and then - "Enable". Now come up with a PIN code (be sure to remember it). Don't forget to also include your email address in case you need to change your PIN in the future.

Now, when you need to confirm your messenger account, in addition to the SMS code, you will also need to enter a PIN.

2) Disable pop-up messages

Go to "Settings", select "Notifications", turn off "Show notifications" (you can separately disable pop-up messages, both from users and groups).

This will increase privacy - no one will see confidential correspondence on the screen of your locked smartphone.

3) Hide your own activity time

By default, WhatsApp users are shown each other's online activity time. That is, you can find out when you last launched the messenger.

If you do not want anyone to know that you have been online recently, then go to "Settings" → "Account" → "Privacy" and replace the item "Been (-a)" to "Own contacts" or "No one".

4) How to hide correspondence with a specific user?

It's easy to hide a conversation without deleting a conversation. To do this, just select the desired chat, then swipe it from right to left, and then click "Archive".

Yes, if someone has access to your smartphone and this someone is more or less an advanced user, he will find the conversation in the archives. However, not everyone knows about it. At least some protection.

5) Blocking users

And this will help you get rid of spammers, numerous scammers and people who are simply unpleasant to you.

It's simple - you need to add an annoying or unwanted contact to the black list. To do this, click on the user's contact, click on the avatar from above, go down to the very bottom, where we find the "Block" option. We block.

By the way, you can see the entire list of blocked users by going to "Settings" → "Account" → "Privacy" → "Blocked".

6) Disable message backup

In order to disable the backup of your correspondence in iCloud, you need to go to "Settings", then to "Chats", click on "Backup", and then to the item "Automatically". Change it to "Disabled".

The fact is that in the cloud all correspondence is stored unencrypted. If your account is hacked, your chats will also be accessed.

7) Hide information, statuses, photos

Go to "Settings" → "Account" → "Privacy". There we select the desired item: “Profile photo”, “Information” or “Status”, determine who will see your data (either “No one” or “My contacts”) - this way strangers will not be able to track you.

8) Hiding message read notifications

If you do not want your interlocutors to know that you have already read their messages (by default this is indicated by a blue double checkmark), you need to go to "Settings" → "Account" → "Privacy" and uncheck the box "Read records".

Unfortunately, after that you will not be able to see similar checkmarks from your contacts.

Yes, it only works in regular chats, not group chats.

9) How to hide information about reading a message without turning off read receipts

Still, there is a possibility to read messages without notifying the sender, while not turning off read receipts (as in the previous paragraph). Airplane mode to the rescue. We turn it on, read the message, close WhatsApp, turn off airplane mode. That's it - the sender will not be notified of the read.

10) Turn off the display of geolocation

You can share your geolocation in WhatsApp - the application allows you to quickly send the desired address. You can choose how long to share your location: 15 minutes, 1 hour, or 8 hours.

What if you need to disable this feature (let's say you accidentally shared your geolocation by mistake)? We go to "Settings" → "Account" → "Privacy", select "Geodata" there, and then "Stop sharing". All!

✅ Follow us on Telegram, VKontakte, and Yandex.Zen.

How to 100% protect WhatsApp from being hacked

Whatsapp

Messengers Instructions Tips

How to protect WhatsApp from hacking by 100%

Alexander Kuznetsov —

In the last few weeks, attempts to hack into WhatsApp accounts have increased. Even if you have SMS login confirmation set, your account may be taken away.

The signal that they are trying to hack you will be SMS messages showing that someone enters your phone number in their application and wants to receive a code to enter your account. You will see a similar notification in WhatsApp itself - this is a signal that someone wants to access your correspondence and contact list.

Of course, such messages can be ignored, because the code to enter your account comes to your phone, and not to hackers, but not everything is so simple. With a certain desire, an attacker can still intercept this code - for example, if he receives a duplicate SIM card in a communication salon, impersonating you, or uses equipment that exploits cellular network vulnerabilities and redirects messages to his device.

Protecting WhatsApp login using a code that comes via SMS cannot be considered reliable, so if you want to protect your account 100% from hacking, you should protect it with a PIN code. WhatsApp provides such an opportunity - you can add a PIN code through the settings. Now, every time you launch the application, you will have to enter this code, which is not very convenient, but you will be completely protected.

This protection is implemented at the account level, not the device level, that is, the same PIN code will need to be entered when trying to log into an account on another smartphone. Even if an attacker intercepts an SMS message with an account login code, he is unlikely to be able to pick up a PIN code (of course, unless you set something very simple, like 000000 or 123456).

iGuides in Yandex.Zen — zen.yandex.ru/iguides.ru

iGuides on Telegram — t.me/igmedia

Recommendations

  • RuTracker does not work for several days. How to find and download torrents via Telegram
  • You can now chat with ChatGPT directly in Telegram
  • Is it worth buying an iPhone in Russia in 2023? Everything you need to know about sanctions, repairs, the App Store and Apple Pay (UPDATED)
  • How to install "Sberbank", "Tinkoff", "Alpha" on any iPhone and iPad, and save applications "in reserve"

Recommendations

RuTracker does not work for several days.


Learn more