WhatsApp accounts are getting hacked to commit fraud; how to retrieve your account?

WhatsApp users accounts are getting hijacked and then used to impersonate the victim and fraudulently take money from the victims' friends

These days, there has been a sharp increase in WhatsApp accounts getting hacked, with scammers impersonating their victims and asking for emergency money transfers from their friends.

The fraud usually starts with hijacking a phone number by porting the number to a new network, and a new SIM card, which remains under the control of the hackers. If a WhatsApp users' account is not protected by two-factor verification, whoever receives the automated-SMS for the one-time-password (OTP) gains control of the WhatsApp account for the associated phone number.

Once the hackers have gained access to an account, they can impersonate victims on the messaging platform and ask friends, family members and acquaintances to send them money via digital wallets. If you've fallen prey to such a fraud, the fastest way to take back control of your WhatsApp account via your mobile number. Here's a list of the things you should do to prevent this from happening:

If you can't get your number back fast, email WhatsApp

how to install whatsapp   on ios 11
The WhatsApp messaging application is seen on a phone screen 3 August 2017 Thomas White/Reuters

WhatsApp gives users one last resort to deactivate their account via email. Send an email to support@whatsapp.com, with the following phrase in the subject and body of the mail: "Lost/Stolen: Please deactivate my account." Mention your contact details in the body of the mail, in the international number format.

After retrieving your number, log in to WhatsApp and log out WhatsApp Web

Once you sign in to WhatsApp, anyone else using your number is logged out automatically, so log in as soon as you start receiving SMS messages again. However, that may not be enough to stop a scammer from still impersonating you via WhatsApp Web so to avoid this, go to settings in WhatsApp, select "WhatsApp Web", and click on "Log out from all devices."

If asked for verification code you didn't set up, you'll have to wait a week

WhatsApp lets users create a six-digit PIN number to prevent account hijacking. If you don't activate that option, an attacker can do so while in control of your account, thereby locking you out.

The bad news is that there's nothing you can do except be patient. After a WhatsApp account has been inactive for seven days it becomes possible to log in without a verification code. Since the hacker loses control of the account before you're asked for that six-digit PIN number, and since neither of you can use the account, it will sit idle – and a week later you'll receive the SMS and your account back.

Let your WhatsApp groups know your account has been compromised and check for new members if you are an admin

A hacker who has assumed control of your WhatsApp account will obviously also have access to all of the groups you're part of as a member or admin. It's only polite to let people know that their conversations could have been spied on while your account was compromised, even if the discussion isn't secret or sensitive. If you're the admin on any group, check for new members added by "You" while your account was hijacked, or hackers could continue spying on the conversations.