National Cyber Emergency Response Team (nCERT), Government of Pakistan, has issued an urgent advisory for WhatsApp users following a notable increase in account hacking and cyber fraud incidents. Recent reports indicate that attackers are employing sophisticated tactics to gain unauthorized access to WhatsApp accounts, often exploiting users’ personal information to target their contacts for money or sensitive data. Authorities have highlighted the importance of enabling two-step verification as a primary security measure, which acts as a safeguard even if one-time passwords (OTPs) are compromised.
The advisory details that cyber attackers commonly use deceptive techniques such as sending fraudulent links disguised as attractive offers, bank updates, or prize notifications. They may also impersonate friends, relatives, courier services, or bank officials to extract personal or financial information. Users are frequently tricked into sharing OTPs or login codes, allowing attackers to take over accounts and potentially solicit money or manipulate private communications. These incidents underline the need for heightened awareness and proactive steps to secure accounts against digital threats.
To mitigate risks, nCERT has provided step-by-step guidance for enabling two-step verification on both Android and iPhone devices. Users are instructed to navigate their account settings within WhatsApp to activate the feature, create a secure six-digit PIN, and add a recovery email. This additional layer of authentication prevents unauthorized access even if attackers manage to obtain the OTP. Cybersecurity experts emphasize that combining two-step verification with cautious online behavior significantly reduces exposure to fraud attempts.
Beyond enabling two-step verification, users are advised to exercise vigilance by not sharing OTPs or PINs with anyone, avoiding links from unknown sources, and verifying any monetary requests through direct calls to contacts. Awareness of common fraud patterns and maintaining a cautious approach to unexpected messages or calls can prevent significant financial and personal losses. nCERT has encouraged the public to share this information widely, highlighting that community participation in digital safety efforts strengthens overall cybersecurity resilience across Pakistan.
By promoting these protective measures, nCERT underscores the ongoing challenges posed by cyber fraud and the critical importance of user-level security practices. With WhatsApp remaining a key communication platform, safeguarding accounts through two-step verification and careful handling of sensitive information ensures that individuals can continue to use the application safely while minimizing the risk of financial exploitation or identity compromise.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
