The National Cybercrime Investigation Agency (NCCIA) has issued an urgent advisory to WhatsApp users amid rising reports of account takeovers and unauthorized access attempts. The guidance outlines immediate steps to regain control and secure compromised accounts, especially when users suspect a hack or sudden loss of access.
What to Do If Your WhatsApp Is Compromised
According to the NCCIA advisory:
- Reinstall and Re-register:
Users who lose access or suspect unauthorized use should uninstall and then reinstall WhatsApp. After reinstalling, enter the registered phone number to begin the login process. - Use the SMS Verification Code Immediately:
WhatsApp will send a six-digit verification code via SMS. Enter this code as soon as it arrives. Doing so forces any active session on another device to log out, because WhatsApp typically allows only one mobile phone session at a time. - Seven‑Day Wait Period Explained:
In cases where a hacker has enabled WhatsApp’s two‑step verification PIN and the legitimate user doesn’t know the PIN, WhatsApp may require a seven‑day waiting period before full re‑access. The NCCIA stresses that users should not panic: entering the SMS code already logs out the attacker, and during the waiting window, no one can access the account or read messages.
Broader Security Context
Account takeovers are a known and persistent threat vector for messaging platforms. Attackers often exploit social engineering such as phishing or tricking users into revealing verification codes — especially where SMS codes and two‑factor authentication (2FA) are mishandled by users. Strong authentication practices, including enabling WhatsApp’s built‑in two‑step verification proactively and monitoring linked devices, mitigate the risk of compromise.
The advisory comes as cybercrime units globally and locally note increased attempts targeting personal messaging accounts, underscoring the importance of rapid response and secure credential handling practices.
Key Takeaways for Affected Users
- Immediately reinstall WhatsApp and log in using your phone number.
- Enter the SMS verification code quickly to terminate unauthorized sessions.
- Expect a possible 7‑day delay if two‑step verification was set by an attacker, but rest assured your communication remains inaccessible to them during that period.
If unauthorized access persists or you encounter related scams, consider reporting the incident to the appropriate cybercrime reporting channels and enhancing your overall digital security posture.
