Attacks to hijack messaging accounts continue to rise. Company experts warn about the most common impersonation methods on this app and share key steps to regain access and prevent it from happening again.
It’s becoming increasingly common for cybercriminals to hijack WhatsApp accounts to impersonate victims and contact their family or friends with fake messages, usually claiming emergencies or urgent favors. At Kaspersky, we’re warning about this growing trend and sharing practical recommendations for recognizing an attack, regaining control of your account, and preventing it from happening again.
A compromised account may exhibit strange behavior:
- Answers that the user did not send,
- Messages deleted without explanation,
- Changes in name, photo, or status, and even inclusion in unknown groups.
- In the most severe cases, the app logs you out and notifies you that the account is active on another device.
This happens because attackers can access an account in two ways. One is through the “Linked Devices” feature, which allows them to connect their device without disconnecting the account holder. This allows them to read messages and monitor conversations in real time. The second, more aggressive way is to register the account on another phone as if it were a legitimate account transfer. If the attacker manages to obtain the verification code sent by SMS, call, or through a pop-up message from the same app—something they commonly achieve through social engineering or SIM duplication—full control of the account passes into their hands, completely disconnecting the original user.
If you suspect your account has been compromised, you can still log in to the app by logging out of all open sessions from your settings. If you’ve already been locked out, try signing in again with your phone number. If you’re prompted for a two-step verification PIN that you didn’t set up, the attacker may have enabled it. In that case, you can reset it from your linked email address, or if you don’t have one, you’ll have to wait seven days to regain access.
An effective way to prevent these types of incidents is to have a security solution installed on your mobile device, capable of detecting malicious access attempts, fraudulent links, and suspicious apps before they compromise your data. However, it is estimated that more than 43% of users in Latin America still do not have active protection on their phones, according to Kaspersky’s Digital Hangover study , leaving them exposed to these increasingly frequent threats.
It’s also essential to inform your contacts as soon as possible to prevent anyone from falling for a scam, believing you’re behind the messages. Ideally, this should be done by phone call or through other direct channels. To warn more people, you can update your WhatsApp status with a clear alert and share it on your social media. Although 39% of Latin Americans say they usually ignore or delete suspicious messages, according to another Kaspersky study , this figure tends to drop when attackers pose as family members or close friends, appealing to urgency or an emotional connection.
“What’s worrying about these attacks isn’t just their increasing volume, but their level of sophistication. These are no longer simple account takeovers, but well-planned schemes that combine identity theft, social engineering, and financial fraud. The attackers aren’t just looking to steal information, but also to emotionally manipulate the victim’s contacts to obtain money or access to other accounts. Furthermore, by using real accounts, they manage to evade many automated security filters. This is a worrying development in digital crime, where trust between people is the real target,” says María Isabel Manjarrez, security researcher on the Global Research and Analysis Team for Latin America at Kaspersky.
To significantly reduce the risk of falling victim to this type of attack, Kaspersky experts recommend:
- Enable two-step verification: This feature adds an extra layer of protection that prevents an attacker from accessing your account, even if they obtain the registration code.
- Associate a recovery email: Having an email address linked to your account allows you to quickly restore access if someone tries to lock you out.
- Avoid sharing codes or links: No legitimate service will ask you to share your verification code. If someone asks for it, it’s a fraud attempt.
- Request additional protection from your mobile operator : Ask your provider to block the issuance of duplicate SIM cards without in-person verification or an additional password.
Install a reliable cybersecurity solution: Tools like Kaspersky Premium offer real-time protection against malware, digital fraud, unauthorized access, and identity theft, helping to protect your information across all your devices.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter |The Mainstream formerly known as CIO News Whatsapp Channel | The Mainstream formerly known as CIO News Instagram
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
