Govt issues nationwide alert over surge in WhatsApp account hijackings
ISLAMABAD: Pakistan’s National Cyber Emergency Response Team (National CERT) has issued a nationwide advisory warning of a sharp rise in WhatsApp account hijackings, describing the threat as active, widespread and high risk.
According to the advisory, hackers are not exploiting technical flaws in WhatsApp’s software but are instead relying on social engineering tactics to gain unauthorised access to user accounts. These methods involve manipulating users into sharing sensitive information or performing actions that compromise account security.
National CERT said common techniques include tricking users into revealing one-time passcodes (OTPs), manipulating call-forwarding settings, sending phishing links and circulating malicious QR codes that allow attackers to link victims’ WhatsApp accounts to their own devices. Once hijacked, compromised accounts can be used to impersonate users, defraud contacts, access private conversations and spread malicious content.
The advisory warned that WhatsApp account hijackings can lead to identity theft, financial fraud, data exposure, reputational damage and privacy violations. It added that organisations are also at risk when employees use WhatsApp for official communication, as compromised accounts could expose sensitive or confidential information.
National CERT said all versions of WhatsApp are affected, including Android, iOS, WhatsApp Business, Web and Desktop platforms. It noted that successful account takeovers usually require some level of user interaction, such as sharing verification codes or scanning QR codes, and stressed that accounts without two-step verification are particularly vulnerable.
To reduce the risk of hijacking, users have been advised to enable WhatsApp’s two-step verification feature and add a recovery email, regularly review linked devices and avoid sharing verification codes or PINs with anyone. The advisory also urged caution when receiving urgent messages requesting money or codes and warned against clicking links received in unsolicited messages.
For users whose accounts have already been compromised, National CERT outlined recovery steps including reinstalling WhatsApp, re-verifying phone numbers and resetting security settings. It cautioned that in some cases, users may face a mandatory seven-day lockout if attackers activate two-step verification without adding a recovery email.
The advisory emphasised that public awareness and safe digital practices remain critical to countering the growing threat of WhatsApp account hijackings across the country.
