ISLAMABAD: Pakistan’s National Cyber Emergency Response Team (National CERT) has issued a nationwide advisory after detecting a sharp increase in WhatsApp account hijackings across the country, affecting users of all ages and backgrounds.
According to the alert, the attacks are “active and widespread” and rely primarily on social engineering tactics rather than vulnerabilities in WhatsApp’s software.
Hackers are manipulating users into revealing one-time passcodes (OTPs), scanning malicious QR codes, clicking phishing links, or altering call-forwarding settings, allowing attackers to link victims’ accounts to their own devices.
Once compromised, hijacked accounts are used to impersonate victims, defraud contacts, access private conversations and spread malicious content.
National CERT warned that the consequences can include identity theft, financial fraud, privacy breaches and reputational damage. The threat also extends to organisations that use WhatsApp for business communications, potentially exposing sensitive data.
The advisory applies to all versions of the platform, including WhatsApp on Android and iOS, WhatsApp Business, Web and Desktop.
NCERT-advisory-IA7RmdpexHAuthorities classified the severity of the threat as high, noting that attacks usually succeed only when users interact—such as by sharing a verification code or scanning a QR code. Accounts without two-step verification are particularly at risk.
To mitigate the threat, National CERT urged users to enable WhatsApp’s two-step verification with a recovery email, regularly review linked devices, and never share verification codes or PINs.
Users were also advised to treat urgent requests for money or codes with suspicion and avoid clicking on links in unsolicited messages.
For compromised accounts, the advisory outlined an official recovery process that includes reinstalling WhatsApp, re-verifying the phone number and resetting security settings.
In cases where attackers enable two-step verification without a recovery email, users may face a mandatory seven-day lockout before regaining access.
National CERT called on users who suspect a breach to immediately inform their contacts, report the incident to WhatsApp and monitor for signs of financial or data misuse, stressing that continued vigilance is essential as cybercriminals evolve their tactics.
