.
ISLAMABAD:
Hoping to receive New Year gifts, you risk having your WhatsApp hacked, the National Cybercrime Investigation Agency (NCCIA) warned in an advisory issued on Sunday.
The agency has urged people to be wary of New Year scams. Messages containing “congratulatory links” or “fake gifts” are currently circulating. Users are advised not to click on unknown links and never share their WhatsApp verification code with anyone, it says.
Experts warn that hackers often disguise spyware as gifts and that a single click can compromise your mobile device or WhatsApp account. This can put a user’s WhatsApp files and chats at risk, violating their privacy. The agency urged extreme caution and advised users to avoid clicking on suspicious links.
WhatsApp is a widely used instant messaging platform that allows users to send text messages, voice notes, images, videos, documents and make voice and video calls over the Internet.
It leverages end-to-end encryption, ensuring that messages are only visible to the sender and recipient, making communications highly secure. The application can, however, be compromised by spyware, but not usually by simple hacking like guessing passwords.
Spyware attacks usually target the phone itself and can be installed in several ways. Clicking on malicious links sent via WhatsApp, SMS or email can install spyware that reads messages, records calls or captures keystrokes.
Advanced zero-click exploits can infect a phone without any interaction, sometimes via a missed call or message; these attacks are rare and often target high-profile figures such as journalists or politicians.
Other risks include compromised backups on Google Drive or iCloud, physical access to the phone and the use of unofficial versions of WhatsApp, which are particularly vulnerable.
Once installed, spyware can read chats, listen to calls, access the camera and microphone, track location, and even capture keystrokes or screenshots.
