BOOM

Trending Searches

    SUPPORT
    BOOM

    Trending News

      • Fact Check 
        • Fast Check
        • Politics
        • Business
        • Entertainment
        • Social
        • Sports
        • World
      • Law
      • Explainers
      • News 
        • All News
      • Decode 
        • Impact
        • Scamcheck
        • Life
        • Voices
      • Media Buddhi 
        • Digital Buddhi
        • Senior Citizens
        • Videos
      • Web Stories
      • BOOM Research
      • BOOM Labs
      • Deepfake Tracker
      • Videos 
        • Facts Neeti
      • Home-icon
        Home
      • About Us-icon
        About Us
      • Authors-icon
        Authors
      • Team-icon
        Team
      • Careers-icon
        Careers
      • Internship-icon
        Internship
      • Contact Us-icon
        Contact Us
      • Methodology-icon
        Methodology
      • Correction Policy-icon
        Correction Policy
      • Non-Partnership Policy-icon
        Non-Partnership Policy
      • Cookie Policy-icon
        Cookie Policy
      • Grievance Redressal-icon
        Grievance Redressal
      • Republishing Guidelines-icon
        Republishing Guidelines
      • Fact Check-icon
        Fact Check
        Fast Check
        Politics
        Business
        Entertainment
        Social
        Sports
        World
      • Law-icon
        Law
      • Explainers-icon
        Explainers
      • News-icon
        News
        All News
      • Decode-icon
        Decode
        Impact
        Scamcheck
        Life
        Voices
      • Media Buddhi-icon
        Media Buddhi
        Digital Buddhi
        Senior Citizens
        Videos
      • Web Stories-icon
        Web Stories
      • BOOM Research-icon
        BOOM Research
      • BOOM Labs-icon
        BOOM Labs
      • Deepfake Tracker-icon
        Deepfake Tracker
      • Videos-icon
        Videos
        Facts Neeti
      Trending Tags
      TRENDING
      • #Operation Sindoor
      • #Pahalgam Terror Attack
      • #Narendra Modi
      • #Rahul Gandhi
      • #Waqf Amendment Bill
      • #Arvind Kejriwal
      • #Deepfake
      • #Artificial Intelligence
      • Home
      • Decode
      • Locked Out of WhatsApp? Here's What...
      Decode

      Locked Out of WhatsApp? Here's What to Do If Your Account Is Hacked

      A Mumbai-based couple fell victim to a WhatsApp hack after receiving a deceptive message from a colleague. Here’s how it unfolded.

      By -  Hera Rizwan |
      16 Dec 2024 4:11 PM IST
    • Boomlive
      Listen to this Article
      Locked Out of WhatsApp? Heres What to Do If Your Account Is Hacked

      Hacked! What to Do When WhatsApp Locks You Out

      • A Mumbai-based couple became victims of a WhatsApp account hack after a deceptive message from a colleague.
      • Despite multiple attempts to secure the account, the hackers continued to control it by linking their own email for receiving verification codes.
      • Cybersecurity experts advise enabling two-factor authentication (2FA) and contacting WhatsApp support immediately if an account is hacked.

      On a Sunday afternoon, Mumbai-based advocate Chirag M. Shah was jolted out of his weekend routine when he learned that his wife’s WhatsApp account had been hacked. What initially seemed like a minor technical issue quickly spiraled into a stark reminder of how even the most vigilant individuals can fall prey to cyber scams.

      The compromised number, registered under Shah’s name but used by his wife, Monica, had been targeted in a meticulously planned scheme. It all began with an unassuming yet deceptive message from a trusted colleague.

      Monica had received a WhatsApp message from her colleague, urgently asking her to forward a verification code she might have received via SMS. The colleague said that she had erroneously sent it to Monica. Ironically, the notification, much like a standard WhatsApp verification code message, carried the warning: “Do not share it with anybody.”

      Trusting her colleague and believing the request to be genuine, she complied without hesitation. Little did she know that the colleague’s number had already been hacked, and this was the scammer’s way of now gaining access to her WhatsApp account.

      By using the verification code, the hackers swiftly installed WhatsApp on a new device under Shah’s number, logging out the original account. Once in control, they began messaging Monica’s contacts, posing as her and asking for money.

      “Fortunately, a few skeptical friends reached out directly to confirm the requests. This gave us the chance to clarify that Monica’s account had been hijacked,” Shah told Decode.

      Shah revealed that spamming the account with repeated verification requests in an attempt to flag it as suspicious—a strategy suggested by well-meaning friends—proved ineffective against the hackers. This approach, while seemingly logical, did not hinder the perpetrators from maintaining control of the account.

      To migrate a WhatsApp account to a new device, users must first input the phone number linked to the account. Ownership is then verified by entering a six-digit code sent via SMS or an automated call. Once the code is successfully entered, WhatsApp automatically logs the account out of any previously linked devices and sets it up on the new one.

      This seamless migration process, however, becomes a vulnerability when two-factor authentication (2FA) is not enabled. Without 2FA, hackers can bypass additional security layers, gaining unrestricted access to the account, including chat backups, contacts, and linked settings.

      Shah and his wife repeatedly attempted to log back into the account from their end, only to find that the verification codes were being sent to an email address. “We never received any of those codes because we had never linked an email address to WhatsApp,” Shah explained.

      Also Read:Can Scammers Steal Money When You Check Your UPI Balance? Here’s What Experts Say

      Upon investigating further, they discovered that the hackers had exploited this oversight. Once the account was compromised, the hackers linked their own email address making it the primary mode for receiving the code. This effectively locked out the rightful user and made it nearly impossible to recover the account without external intervention.

      After exhausting all available options, including sending email requests to WhatsApp’s support team, Shah ultimately sought help from the Deputy Commissioner of Police, Cybercrime, Mumbai Police to expedite the process.

      “I sent the email to the support id around 2 PM but only received an acknowledgment 3–4 hours later. Using a few contacts, I finally reached out to the police, hoping the matter would be taken more seriously with law enforcement backing it,” he told Decode.

      The police filed an urgent request with Meta, WhatsApp’s parent company, to prioritise the account restoration. After multiple emails and the intervention of law enforcement, the account was finally restored by night. However, the ordeal highlighted significant vulnerabilities in the platform's response process.

      What to do when your WhatsApp account is hacked?

      Referring to Shah’s case of WhatsApp hacking, cybersecurity expert Ashish Jha acknowledged that the hacker's act of changing the associated email ID made the recovery process more challenging. “Even in such cases, the best approach is to contact WhatsApp with evidence. Only the WhatsApp support team can assist effectively in these scenarios,” he explained.

      Jha recommended victims email WhatsApp's official support address and use the platform's support page to report a hacked account. To do this, victims should:

      - Visit the official WhatsApp Support page and select the ‘Contact Us’ option under the ‘WhatsApp Messenger Support’ section.

      - Provide their phone number in international format (e.g., +91 for India), an active email address, and select the platform used (e.g., web, iPhone, or Android).

      - Clearly explain the issue in the text box, specifying that the account has been compromised and requesting immediate assistance.

      - Submit the form. WhatsApp will respond via email with guidance to recover or secure the account against unauthorized access.

      Jha emphasised the importance of acting swiftly and remaining calm. “Don’t panic; presence of mind is crucial. Attempt to log back in immediately and notify your contacts to prevent further misuse of your account.”

      He cautioned against excessive spamming with verification code requests, as it could lead to a temporary lockout and complicate the support process. He advised enabling two-factor authentication (2FA) and linking an email ID to the WhatsApp account for added security. “Be aware of where your accounts are logged in and on how many devices,” he added.

      To enable 2FA, go to Settings > Account > Two-Step Verification > Enable. Set a 6-digit PIN and optionally add an email address for recovery.

      Also Read:How Scammers Target Flipkart Customers Through WhatsApp Screen Share

      The Case for Stronger Digital Defenses

      Reflecting on the incident, Shah emphasised how critical two-factor authentication is for protecting WhatsApp accounts. In the same chain of the hacking attempt, another colleague of Shah’s wife was targeted, but the hacker was unable to bypass 2FA. “It’s a simple step that could save people from immense trouble,” Shah said.

      Shah believes platforms like WhatsApp need to do more to protect users from such attacks. He suggested making 2FA mandatory, delaying access to chat backups on newly linked devices for at least 24 hours, or imposing temporary restrictions on account functionality, similar to how banks limit transactions for new payees.

      “These are just damage-control measures, but they could make a significant difference,” Shah said. “Hackers are always one step ahead, but it’s the responsibility of platforms and authorities to make their job as difficult as possible—not the lives of unsuspecting users.”

      Shah’s ordeal serves as a sobering reminder: trust no message blindly, no matter the source. Verification codes, no matter how urgent the request seems, should never be shared. “As an advocate, I am trained to be suspicious by nature, yet even I couldn’t foresee this possibility,” Shah admitted.

      “This could happen to anyone, which is why we all need to stay vigilant and take proactive steps to secure our digital lives,” he said.

      Also Read:Digital Arrest: India’s New Con Artists Don't Hack Computers—They Hack Minds


      Tags

      WhatsAppcybersecurity
      Read Full Article

      Next Story
      Our website is made possible by displaying online advertisements to our visitors.
      Please consider supporting us by disabling your ad blocker. Please reload after ad blocker is disabled.
      X

      Subscribe to BOOM Newsletters

      👉 No spam, no paywall — but verified insights.

      Please enter a Email Address
      Subscribe for free!

      Stay Ahead of Misinformation!

      Please enter a Email Address
      Subscribe Now🛡️ 100% Privacy Protected | No Spam, Just Facts
      By subscribing, you agree with the Terms & conditions and Privacy Policy connected to the offer

      Thank you for subscribing!

      You’re now part of the BOOM community.

      Or, Subscribe to receive latest news via email
      Subscribed Successfully...
      Copy HTMLHTML is copied!
      There's no data to copy!