Hackers have been found breaking into WhatsApp accounts in silence
WhatsApp has rolled out a clever new security feature that could save millions of users from falling victim to account takeover scams.
Unfortunately, criminals can hijack your account in silence — without password cracking, encryption breaking, or even a warning. They only need you to enter a code or confirm a request yourself.
These scam often starts with a seemingly harmless message – sometimes from an unknown number, but frequently from a real contact whose account has already been compromised.
For example, they'll ask you to vote for their dog in a competition, or perhaps their daughter in a dance contest, always via a link.
Once you click on the link, you'll land on a page asking for your phone number to "verify" your vote. In reality, it's mimicking WhatsApp's genuine device-linking process.
It's a growing problem on messaging apps, and you may not realise you're handing over access willingly because the request appears to come from someone you trust. In fact, this exact type of scam was found making its way through WhatsApp accounts late last year.
But the Meta-owned chat app's newest feature aims to put a stop to it.
Now, when WhatsApp spots something dodgy about a linking request, it shows you a warning before anything gets connected.
You'll see the approximate location of the device trying to link up, which is a massive red flag if it's nowhere near you. It's similar to you getting a notification from a social media platform like Instagram, showing you an unfamiliar login with the location.
The warning also spells out exactly what that device would be able to do – things like reading your recent chats and sending messages as if they were you.
This gives you the chance to hit cancel if you didn't start the request yourself.
It's also ideal because it creates a pause, making it much harder for scams to slip through unnoticed.
Staying safe goes beyond just relying on this new warning, though.
Turning on two-step verification is another best practice to keep your accounts safe. It adds an extra PIN that only you know, making it much tougher for anyone to access your account.
It's also worth regularly checking your Linked Devices section to spot anything unusual.