WhatsApp, the popular messaging app with a staggering two billion users, has recently been hit by a concerning vulnerability. With just a single email, attackers can easily deactivate your WhatsApp account, leaving you locked out of your own profile. Former law enforcement head of digital forensics, Jake Moore, brought this alarming issue to light, emphasizing the need for tighter security measures in the digital realm.
The Simplicity of the Attack
The alarming aspect of this vulnerability lies in its simplicity. The attacker only requires knowledge of your phone number. They then send an email to WhatsApp support, deceitfully claiming your phone number as theirs and stating it has been compromised. WhatsApp’s response is to send a six-digit code via SMS to the number in question, but the attacker cannot access this code without your phone.
So let me get this right, @WhatsApp, I can type in ANY number and you will deactivate that account? 🤯 pic.twitter.com/wsGfSgTJag
— Jake Moore (@JakeMooreUK) July 17, 2023
The attacker insists that the phone has been lost or stolen, prompting WhatsApp to request email confirmation for deactivation. The attacker then provides their own email address, and with no further verification, WhatsApp deactivates the account linked to your phone number, leaving you unaware and locked out.
WhatsApp’s Response
After being made aware of this issue, WhatsApp is hopefully taking prompt action to address the vulnerability and enhance security protocols. However, it is essential for users to take precautions and protect their accounts proactively.
Also Read: WhatsApp will now make it easier to transfer your chat history to a new phone
Stay Vigilant with WhatsApp Two-Step Verification
To safeguard your account, activate the two-step verification feature, which adds an extra layer of security. By enabling this feature, you can prevent unauthorized access to your account, even if someone obtains your verification code.
Also Read: New WhatsApp privacy features: Easily silence unknown numbers
How to Enable Two-Step Verification on WhatsApp
To enable two-factor authentication on your app, do the following:
- Open WhatsApp Settings.
- Tap Account > Two-step verification > Enable.
- Enter a six-digit PIN of your choice and confirm it.
- Provide an email address you can access or tap Skip if you don’t want to add an email address. We recommend adding an email address as this allows you to reset two-step verification, and helps safeguard your account.
- Tap Next.
- Confirm the email address and tap Save or Done.
Stay Cautious and Cybersecure
The incident serves as a crucial reminder to remain cautious in the digital playground. Cyber threats may not always appear as big, scary monsters but can be disguised as innocuous-looking emails. Keep your cybersecurity guard up at all times and avoid dropping your guard even for a second.
With the widespread use of WhatsApp, it is crucial to be aware of potential vulnerabilities. By being proactive and implementing two-step verification, you can fortify your account against unauthorized access. Stay vigilant and prioritize cybersecurity in this digital age to protect your valuable data and maintain control over your online presence.
