The National Computer Emergency Response Team (nCERT) has issued a cybersecurity advisory titled Essential Guidelines for WhatsApp Account Protection, highlighting the growing threat of cyber-attacks on WhatsApp users in Pakistan.

With WhatsApp being widely used for both personal and official communications, it has become a frequent target for cybercriminals using sophisticated phishing and social engineering techniques to compromise accounts.

The advisory stresses the importance of adopting critical security measures to prevent unauthorized access. Users are urged to strengthen their account passwords, avoiding easily guessable combinations such as “123456” or personal details like birthdates. Complex passwords incorporating a mix of characters, numbers, and symbols are recommended for enhanced security.

National CERT also advises enabling Two-Factor Authentication (2FA) for WhatsApp, adding an extra layer of protection. This security feature, accessible via the app’s settings, ensures that even if a hacker obtains the user’s SIM card, they cannot re-register the WhatsApp account without the additional PIN code.
Regular verification of WhatsApp security codes for individual contacts is another recommended measure. These codes confirm that messages are securely encrypted, preventing unauthorized interception of communications. Users are advised to keep their WhatsApp updated with the latest security patches and avoid interacting with suspicious links.

The advisory further outlines advanced security practices, such as locking WhatsApp with biometrics and avoiding the use of public Wi-Fi networks without a VPN. Monitoring account activity, particularly for unauthorized device connections, is also crucial in detecting any potential breach.

For additional protection, nCERT suggests configuring privacy settings to limit who can view profile details and disabling cloud backups to reduce the risk of data breaches. These steps are aimed at minimizing exposure to potential attackers who exploit vulnerabilities in unsecured networks and devices.

The national CERT has asked the users to stay informed about the latest security updates from WhatsApp and report suspicious activity directly to the platform. According to nCERT, following these comprehensive guidelines, both individuals and government employees can significantly reduce the risk of unauthorized access to their accounts and ensure the confidentiality of sensitive communications.