How to recover a hacked WhatsApp account

WhatsApp is the most widely used messaging platform globally, and it’s not immune to hacking attempts. Continue reading to understand more about these WhatsApp hacks, how to identify if your account has been hacked, and the measures you can take to get it back.

Can a WhatsApp account get hacked? 

The short answer: Yes. 

However, unlike other platforms like Facebook, Instagram, and Google where users can log in with passwords, WhatsApp accounts are tied to a phone number. Since you’re the legitimate owner of your phone, how can someone hack your WhatsApp?

When someone signs up to use WhatsApp, they are required to verify their number, such as via a code sent to their phone by SMS. The key information a hacker would need is this code—and a common way they would get it is by tricking you into telling them.

They could pretend to be someone else and convince you that you need to tell them the code sent to you for your own safety and security. This would be a form of phishing.

Another way to get your code might be via malware that gains access to everything on your phone. Although admittedly, if you’ve got serious malware like this on your phone, you have a lot more to worry about that one hacked app.

There are other ways. Late last year, it was reported that those using WhatsApp Web fell victim to a URL phishing attempt where scammers created a fake version of the legitimate WhatsApp Web page. The links took them to a phishing site that embedded a genuine QR code extracted from the official WhatsApp page. Once they’ve gained access to their victims’ accounts, they ask their victims’ contacts to transfer money to a bank account.

How do I know that my WhatsApp account has been hacked?

Recognizing when your WhatsApp account has been hacked is the first step in fixing the issue. Here are some telltale signs that your account may have been compromised:

1. Random and unusual activity

Receiving WhatsApp messages from people you don’t recognize? Or seeing messages that you supposedly wrote but don’t remember anything about it? These can all be signs that your WhatsApp account has been used on another person’s device. Another sign is if you’re noticing changes to your WhatsApp account settings that you don’t remember setting or changing.

2. You find unknown linked devices on your account

WhatsApp alerts you when your account is being registered on a new device, so if you receive such a notification without initiating it, it’s a clear indication that someone might be trying to hack into your account. 

To check if an unknown device has been linked to your account on your smartphone, tap on the Settings button. Once there, tap on Linked Devices to see a list of places where your account can be accessed. If you see a device you’re unsure about, log out of it immediately.

3. You’re unable to access your account

WhatsApp alerts you when your account is being registered on a new device. If you receive such a notification without initiating it, that’s a clear sign of a problem.

What do I do if my WhatsApp account has been hacked?

If you suspect your WhatsApp account has been hacked, it’s best to act immediately to get it back. Follow the steps below:

Verify your account

Start by verifying your phone number on WhatsApp. Install the app on your phone and enter your phone number. WhatsApp will send you a verification code via SMS to confirm it’s you. Once you enter this code, the hacker will automatically be logged out of your account, as WhatsApp only allows one phone number per account at a time.

If you have access to WhatsApp on your phone and suspect that someone could be using your account on WhatsApp web or the desktop app, you can check by going to Settings > Linked Devices. Any linked devices will be listed. You may remove them by selecting the device and tapping Log Out.

Inform your contacts that your account was compromised, advising them to ignore any suspicious messages they may have received from your number during the period of the hack. If you’re struggling to get back into your account, use another messaging service to let them know instead.

This is the main thing you can do to regain your account once it’s been hacked. The following steps are precautionary measures to protect your account further:

Set up two-factor authentication or change your pin

If you had previously set up two-step verification, enter your PIN to access your account. If you didn’t set this up before and can access your account, do it immediately. 

Go to WhatsApp Settings > Account > Two-step verification > Enable. You’ll be prompted to create a four-digit pin. Occasionally, WhatsApp will ask you to enter your PIN to verify that it’s you.

Review your account security

Check your account settings to ensure the hacker has made no changes. Pay special attention to linked devices and remove any you don’t recognize. While you’re reviewing your settings, consider adjusting your privacy settings as well, like who can see your profile photo, last seen, and status updates.

[Optional] Block your SIM card

If you can’t regain access to your WhatsApp account, call your mobile service provider to block your SIM card and get a new SIM card with the same number. You’ll then have to re-register for a WhatsApp account, which will automatically deactivate the account on the other device. 

Unfortunately, according to their resource page, WhatsApp cannot deactivate or delete an account remotely.

How can I retrieve my WhatsApp account from a scammer?

If you’re logged out of your WhatsApp account and want to regain access to it, you have two options:

1. Log in with your number again

Logging in with your phone number once more should kick the scammer out of your account, as WhatsApp can only be accessed on one mobile device at a time.

2. Log out all WhatsApp Web and Desktop sessions

If the hacker has accessed your WhatsApp through WhatsApp Web/Desktop, you can log out remotely. Open WhatsApp on your phone, go to Settings or Menu on Android, select WhatsApp Web/Desktop, and then log out from all active sessions. This will disconnect any computer from your WhatsApp account.

How can I prevent my WhatsApp account from getting hacked?

Preventing your WhatsApp account from getting hacked involves a combination of proactive security measures and general awareness of digital safety practices. Here are some effective strategies to safeguard your WhatsApp account:

1. Enable two-step verification

While two-step verification is an optional feature WhatsApp provides, we highly recommend implementing it. A 2FA adds an extra layer of protection and security to your WhatsApp account. To do so, go to Settings > Account >Two-step verification > Enable. You’ll then be asked to key in a PIN and provide an email for account recovery.

2. Ensure your app is up to date

Software updates could prevent security breaches because updates often include patches that protect against newly discovered vulnerabilities. WhatsApp is no exception.

3. Be wary of suspicious links and QR codes

Phishing comes into play for some WhatsApp hacks. A common phishing tactic is sending a link redirecting you to a fake WhatsApp login page. Last year, officials in Singapore released a warning about a WhatsApp phishing scam where hackers lured users into connecting their WhatsApp account with a login page that resembled the actual WhatsApp web page.

4. Use WhatsApp’s Lock feature

WhatsApp’s lock feature is a security tool that adds an extra layer of protection to your WhatsApp account by requiring biometric authentication – like fingerprint or facial recognition – to open the app. This feature is especially useful as well if you want to keep your messages private or are concerned about someone accessing your WhatsApp chats without your permission. 

Common WhatsApp scams to look out for

Besides knowing how to protect your WhatsApp account from scammers, it’s also important to understand the common WhatsApp scams and how they work so you can avoid them. 

1. Verification code scam

This is one of the most common scams where you might receive a message, often from a familiar contact whose account has been compromised, asking you to share your WhatsApp verification code. The scammer needs this code to access your WhatsApp account.

2. Fake WhatsApp admins

Scammers may pose as WhatsApp administrators and claim they need information from you to keep your account active or verify it. WhatsApp never contacts users directly through the app for such issues.

3. Job offers and investment opportunities

Scammers may send messages claiming to represent well-known companies, offering lucrative job opportunities. These offers usually come out of the blue without any prior application or interaction. The scammer may ask for personal information under the guise of a job application or employee registration process. They often insist on urgency, pushing you to provide information quickly.

4. Phishing attempts

Phishing attempts on WhatsApp are increasingly sophisticated and deceptive, designed to trick users into giving away sensitive information. A common phishing tactic is sending a link redirecting you to a fake login page. This page resembles a legitimate website, like a bank, social media, or even WhatsApp itself.. The goal is to capture your login credentials when you attempt to sign in. 

Be cautious if a message asks for personal details like passwords, PINs, Social Security numbers, or financial information. Remember that legitimate organizations do not request sensitive information via WhatsApp. 

5. Lottery or prize scams

Lottery and prize scams are nothing new; unfortunately, people still fall for them. This is how it usually works: You receive a message claiming you’ve won a lottery, contest, or prize draw – often from a well-known brand or organization. 

To claim your supposed prize, the message will ask for personal details like your name, address, bank details, or even a copy of your ID. The catch is that you don’t remember entering any such competition. Instead, after getting your information, the scammers will then use it for fraudulent purposes. 

Sometimes, the scammer goes a step further by asking you to cover an administrative fee, tax, or delivery fee before you can receive your prize, which does not even exist to begin with. Always remember that legitimate lotteries or contests never ask winners to pay fees upfront.

6. A friend in distress scam

This is yet another common scam that’s existed for a long time. In this scam, you’ll receive a message from someone posing as a friend or family member claiming to be in trouble and asking for financial help.

7. Subscription fee scams

If you’re a WhatsApp Premium subscriber for businesses, a scammer might just attempt to trick you by claiming that your WhatsApp subscription has expired and that you must pay to renew it. While you do have to pay for a WhatsApp Premium subscription, you can easily verify when your subscription ends through your profile.