Cybersecurity experts are raising concern as new digital threats continue to spread, targeting ordinary users who rely on messaging platforms for daily communication.
These attacks are now focusing heavily on WhatsApp accounts, putting many people at risk of losing access to their personal information and private conversations.
The situation has drawn the attention of the United States Cybersecurity and Infrastructure Security Agency (CISA), which has issued a fresh warning about the growing danger.
CISA explains that cybercriminals have adopted more advanced methods compared to the past. Instead of only exploiting weak passwords or insecure networks, they are now turning to spyware, fake applications, and convincing social engineering tricks.
Their goal is to gain access to both the WhatsApp account and the mobile phone linked to it. Once they succeed, the victim may lose control of their account within minutes.
The attackers may then install additional malware, steal important data, or transfer the account to a different device.
The warning highlights how attractive messaging platforms have become to cybercriminals. Many users store sensitive conversations, financial confirmations, and private documents on these apps.
This makes platforms like WhatsApp a prime target. With millions of people relying on mobile messaging for personal and work communication, even a small security mistake can lead to major damage.
CISA urges users to take practical precautions before they fall victim to a fast-spreading scheme that has already affected many people around the world.
The criminals use different methods to break into accounts. Some send malicious links or QR codes that take users to fake login pages. Others design apps that appear harmless but secretly install spyware once downloaded.
A common method involves tricking someone into sharing their one-time WhatsApp verification code. When the attacker gets this code, they can immediately move the account to their own phone, shutting out the original owner. Many victims are targeted through psychological manipulation, where hackers pretend to be WhatsApp support, a close friend, or a relative in need of urgent help.
One quick response made in confusion can give them full access.
Protecting an account depends largely on awareness. CISA stresses that the most important rule is to never share a WhatsApp registration code with anyone. Activating two-step verification is also essential because it adds a special PIN known only to the account owner.
This extra step makes it extremely hard for attackers to take control even if they obtain the verification code.
Adding an email address for account recovery and enabling passkeys further strengthens security.
Users should also be careful about what they download. Apps should only be installed from trusted stores, and suspicious links, attachments, or QR codes should be avoided.
These small steps can block most attacks before they begin.
As WhatsApp continues to expand its services, including testing new features like Guest Chats that allow communication even with people who do not have the app, the platform becomes more accessible.
This growth, however, also increases its attractiveness to hackers. The expanding network means more opportunities for attackers to explore new loopholes.
WhatsApp remains widely used in Kenya and across the world, making it a convenient target for cybercriminals. The latest rise in hacking attempts is a reminder that digital safety must be taken seriously. Every user has a role in protecting their data and ensuring their personal conversations remain secure.
Add Comment