{"id":53069,"date":"2025-02-21T07:34:14","date_gmt":"2025-02-21T12:34:14","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=53069"},"modified":"2025-05-29T10:09:26","modified_gmt":"2025-05-29T14:09:26","slug":"whatsapp-account-hacked","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/whatsapp-account-hacked\/53069\/","title":{"rendered":"What to do if your WhatsApp account gets hacked"},"content":{"rendered":"<p>Your messaging-app account might be of interest to more than just jealous spouses or nosy coworkers. Stolen WhatsApp accounts fuel large-scale criminal activity \u2014 ranging from <a href=\"https:\/\/www.kaspersky.com\/blog\/how-to-prevent-whatsapp-telegram-account-hijacking-and-quishing\/53012\/\" target=\"_blank\" rel=\"noopener nofollow\">spam distribution to complex scam schemes<\/a>. That\u2019s why cybercriminals are constantly on the lookout for WhatsApp accounts \u2014 using various methods to hijack them. Here are eight signs your account <strong>may already be compromised<\/strong>.<\/p>\n<ol>\n<li>You get replies to messages you never sent.<\/li>\n<li>Friends complain about strange messages coming from your account.<\/li>\n<li>You notice deleted messages in chats, including from yourself \u2014 even though you never sent or deleted anything there.<\/li>\n<li>You receive a WhatsApp login verification code that you didn\u2019t request or expect.<\/li>\n<li>Your account has a status or has posted stories you didn\u2019t create.<\/li>\n<li>Your profile picture, name, or account description has changed unexpectedly.<\/li>\n<li>You\u2019ve been added to chats or groups you never joined.<\/li>\n<li>When you try to log in, WhatsApp informs you that your account is in use on another device and prompts you to re-register (this is the most telling sign).<\/li>\n<\/ol>\n<p>Pay special attention to the first three signs, and act immediately if you notice them \u2014 hackers often use compromised accounts to scam a victim\u2019s friends and family. They might impersonate you to request urgent financial help, promise gifts, or invite people to participate in fake polls. In any of these cases, your friends could get scammed \u2014 with your unwitting help.<\/p>\n<h2>Two ways hackers can hijack your WhatsApp account<\/h2>\n<p>Cybercriminals can take control of your WhatsApp account in one of two ways. They either add another device to your account using the \u201cLinked devices\u201d feature, or re-register your account on their device as if you\u2019d bought a new phone.<\/p>\n<p>In the former case, you continue using WhatsApp as usual but the criminals also have access to it, including to your recent conversations.<\/p>\n<p>In the second case, you lose access to your account, and when you try to log in, WhatsApp notifies you that your account is in use on another device. The attackers can control your account, but won\u2019t have access to your past conversations.<\/p>\n<h2>What to do if your WhatsApp account has been hacked<\/h2>\n<ol>\n<li>Make sure the SIM card linked to your WhatsApp account is inserted in your smartphone.<\/li>\n<li>Open WhatsApp on this smartphone.<\/li>\n<li>If it opens normally:<\/li>\n<\/ol>\n<ul>\n<li>Go to the WhatsApp settings \u2014 <strong>Settings<\/strong> on iPhone, or the additional menu (<strong>three dots<\/strong>) on Android. Tap <strong>Linked devices<\/strong>.<\/li>\n<li>Tap each device listed on this page.<\/li>\n<li>Tap <strong>Log Out<\/strong>. This will disconnect all additional devices from your account and cut off the attackers.<\/li>\n<\/ul>\n<ol start=\"4\">\n<li>If the messenger tells you that you\u2019re logged out and need to register:<\/li>\n<\/ol>\n<ul>\n<li>Enter your phone number.<\/li>\n<li>Request a one-time registration code.<\/li>\n<li>Wait for an SMS or a voice call with the code.<\/li>\n<li>Enter the received code.<\/li>\n<li>If your account was protected with a two-step verification PIN, after entering the one-time registration code, enter your PIN as well.<\/li>\n<li>WhatsApp may offer to restore your chats and settings from a backup in iCloud, Google Drive, or local storage. Accept!<\/li>\n<\/ul>\n<ol start=\"5\">\n<li>If you hadn\u2019t previously set a two-step verification PIN, but WhatsApp requests it after you enter the one-time code, the attackers may have set a PIN to prevent you from regaining access to your account.<\/li>\n<\/ol>\n<ul>\n<li>The PIN can be reset using the <strong>Forgot PIN<\/strong><\/li>\n<li>If an email address is linked to your WhatsApp account, you\u2019ll receive a PIN reset link instantly. Go to your email, open the latest message from WhatsApp, tap the link inside, and then <strong>Confirm<\/strong>. After this, you can return to WhatsApp and set a new PIN.<\/li>\n<li>If you hadn\u2019t linked an email address, you can still request a PIN reset, but you\u2019ll have to wait a week before the PIN is removed. During this time, your WhatsApp account will remain inaccessible. After a week, you can log back in to your account following the instructions above.<\/li>\n<\/ul>\n<p>Once you\u2019ve completed these steps, the attackers will be disconnected from your account. However, they may attempt to hijack it again, so be sure to follow the security tips below.<\/p>\n<h2>Warn your friends and family<\/h2>\n<p>Attackers may have sent tragic or provocative messages to your contacts, impersonating you. To ensure no one panics thinking you\u2019re in hospital, got arrested, or had an accident \u2014 and to prevent them from sending money to \u201chelp\u201d \u2014 inform as many people as possible that your account was hacked and that they should ignore any strange or unexpected messages sent earlier. For close friends, family, and coworkers, it\u2019s best to call them personally. A less intrusive way to warn many people at once is to update your WhatsApp status. Go to <strong>Settings<\/strong>, tap your name, and in the <strong>About<\/strong> field, write something like, \u201cMy WhatsApp was hacked! Don\u2019t trust messages from me, don\u2019t send money, no help is needed\u201d. It\u2019s also a good idea to post the same warning on other social networks.<\/p>\n<h2>If your account has been restricted or banned for spam<\/h2>\n<p>If hackers used your account to send spam, WhatsApp may temporarily restrict it for a few hours or days. After following the steps above and regaining control of your account, you may find you\u2019re unable to send messages.<\/p>\n<p>In this case, appeal the restriction using the <strong>Request a review<\/strong> button, found under the notification about the imposed restrictions. After tapping this button, the restriction won\u2019t be lifted immediately \u2014 depending on WhatsApp\u2019s internal algorithms, it can take anywhere from a couple of hours to three days. Unfortunately, there\u2019s no way to speed up this process.<\/p>\n<h2>How to protect your account from being hacked again<\/h2>\n<p>We\u2019ve provided a detailed guide on WhatsApp security and privacy settings in a <a href=\"https:\/\/www.kaspersky.com\/blog\/whatsapp-privacy-security\/51428\/\" target=\"_blank\" rel=\"noopener nofollow\">separate article<\/a>, but here are the key points:<\/p>\n<ul>\n<li>Enable two-step verification in WhatsApp and memorize your PIN \u2014 it\u2019s not a one-time code. To do this, go to<strong> Settings<\/strong> \u2192 <strong>Account<\/strong> \u2192 <strong>Two-step verification<\/strong>.<\/li>\n<li>Never, ever share your PIN or one-time registration codes with anyone. Only scammers ask for these details.<\/li>\n<li>WhatsApp recently introduced support for <a href=\"https:\/\/www.kaspersky.com\/blog\/how-to-set-up-passkeys-in-google-account\/49515\/\" target=\"_blank\" rel=\"noopener nofollow\">passkeys<\/a>. If you enable this option (<strong>Settings \u2192 Account \u2192 Passkeys<\/strong>), logging in to your account will require biometric authentication, and instead of PIN codes, your smartphone will store a long cryptographic key. This is a very secure option, but it may not be convenient if you frequently change devices and switch between Android and iOS.<\/li>\n<li>You can enable <a href=\"https:\/\/blog.whatsapp.com\/introducing-advanced-chat-privacy?lang=en\" target=\"_blank\" rel=\"nofollow noopener\"><strong>Advanced Chat Privacy<\/strong><\/a> in individual chat settings to prevent chat or group members from exporting your messages, and to prevent media from being automatically downloaded to their devices.<\/li>\n<li>Set up a backup email address for account recovery: <strong>Settings \u2192 Account \u2192 Email address<\/strong>.<\/li>\n<li>If you\u2019ve already added an email address, log in to your email account and change your password to a <a href=\"https:\/\/www.kaspersky.com\/blog\/kaspersky-international-password-day-2024\/51095\/\" target=\"_blank\" rel=\"noopener nofollow\">strong, unique one<\/a>. To store it securely, use a password manager, such as <a href=\"https:\/\/www.kaspersky.com\/password-manager?icid=gl_kdailyplacehold_acq_ona_smm__onl_b2c_kasperskydaily_wpplaceholder____kpm___\" target=\"_blank\" rel=\"noopener nofollow\">Kaspersky Password Manager<\/a>.<\/li>\n<li>Enable <a href=\"https:\/\/www.kaspersky.com\/blog\/what-is-two-factor-authentication\/48289\/\" target=\"_blank\" rel=\"noopener nofollow\">two-factor authentication<\/a> for your email account.<\/li>\n<li>Make sure you haven\u2019t fallen victim to a <a href=\"https:\/\/www.kaspersky.com\/blog\/what-is-sim-swapping\/50797\/\" target=\"_blank\" rel=\"noopener nofollow\">SIM swap scam<\/a>. Contact your mobile carrier \u2014 preferably in person \u2014 and verify that no duplicate SIM cards have recently been issued for your number. Also, make sure there\u2019s no unauthorized call-forwarding set up on your number. Cancel any suspicious changes and ask the staff about additional security measures for your SIM card. These may include prohibiting SIM-related actions without your being present, an extra password required for authentication, or other protections. Available security measures vary significantly by country and mobile carrier.<\/li>\n<li>Any security measures in WhatsApp will be of little use if your smartphone or computer is infected with malware. Therefore, be sure to install <a href=\"https:\/\/www.kaspersky.com\/premium?icid=gl_bb2023-kdplacehd_acq_ona_smm__onl_b2c_kdaily_lnk_sm-team___kprem___\" target=\"_blank\" rel=\"noopener nofollow\">comprehensive protection<\/a>\u00a0on all your devices.<\/li>\n<\/ul>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"premium-generic\">\n","protected":false},"excerpt":{"rendered":"<p>Eight signs your WhatsApp account has been stolen \u2014 and steps to recover and protect it.<\/p>\n","protected":false},"author":2706,"featured_media":53070,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2683],"tags":[105,1250,607,76,43,422,546],"class_list":{"0":"post-53069","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-android","9":"tag-ios","10":"tag-messengers","11":"tag-phishing","12":"tag-privacy","13":"tag-threats","14":"tag-whatsapp"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/whatsapp-account-hacked\/53069\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/whatsapp-account-hacked\/28608\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/whatsapp-account-hacked\/23849\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/whatsapp-account-hacked\/12292\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/whatsapp-account-hacked\/28724\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/whatsapp-account-hacked\/27966\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/whatsapp-account-hacked\/30785\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/whatsapp-account-hacked\/29478\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/whatsapp-account-hacked\/39093\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/whatsapp-account-hacked\/13177\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/whatsapp-account-hacked\/22605\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/whatsapp-account-hacked\/23421\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/whatsapp-account-hacked\/31971\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/whatsapp-account-hacked\/37488\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/whatsapp-account-hacked\/28851\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/whatsapp-account-hacked\/34676\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/whatsapp-account-hacked\/34304\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/messengers\/","name":"messengers"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/53069","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2706"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=53069"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/53069\/revisions"}],"predecessor-version":[{"id":53520,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/53069\/revisions\/53520"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/53070"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=53069"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=53069"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=53069"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}