Pakistan’s National Cyber Emergency Response Team (National CERT) has issued a nationwide cyber security advisory after observing a significant surge in WhatsApp account hijacking incidents across the country. According to the advisory, the attacks are active, widespread, and affecting users from all segments of society, raising serious concerns about digital safety and data privacy in Pakistan’s rapidly expanding online ecosystem.
National CERT stated that the attackers are not exploiting technical vulnerabilities in WhatsApp’s software but are instead relying heavily on social engineering techniques. These methods use psychological manipulation to trick users into unintentionally granting access to their accounts. The advisory highlighted that such attacks often succeed because of user interaction rather than system flaws, making awareness and vigilance critical in preventing account compromise.
The advisory detailed several techniques currently being used by cybercriminals. These include deceiving users into sharing one-time passcodes (OTPs), manipulating call-forwarding settings, distributing phishing links, and circulating malicious QR codes. In many cases, victims are persuaded to scan QR codes that link their WhatsApp accounts to the attacker’s device, allowing unauthorized access without the victim immediately realizing what has occurred.
Once an account is hijacked, attackers commonly impersonate the victim to contact friends, family members, or colleagues. National CERT warned that compromised accounts are frequently used to request money, spread fraudulent messages, access private conversations, and distribute malicious content. Such misuse not only exposes personal data but can also lead to financial losses and long-term reputational damage for the victim.
The advisory emphasized that the impact of WhatsApp account hijacking extends beyond individual users. Organizations whose employees rely on WhatsApp for official communication may also face significant risks. Compromised accounts can expose sensitive business information, enable corporate fraud, and damage institutional credibility. As a result, the growing trend poses both personal and professional security challenges.
National CERT confirmed that all versions of WhatsApp are affected by the current wave of attacks. This includes WhatsApp on Android and iOS devices, as well as WhatsApp Business, Web, and Desktop versions. The severity level of the threat has been classified as high. The advisory noted that accounts without two-step verification are especially vulnerable, as attackers can more easily gain and retain control over them.
To reduce the risk of account hijacking, National CERT urged users to immediately enable WhatsApp’s two-step verification feature and attach a recovery email address. Users have also been advised to regularly review linked devices and remove any unfamiliar sessions. The advisory strongly cautioned against sharing verification codes, PINs, or login information with anyone, regardless of how convincing or urgent a message may appear.
Users were also advised to remain cautious when receiving urgent requests for money or verification codes and to avoid clicking on links sent through unsolicited or suspicious messages. The advisory stressed that attackers often exploit panic, urgency, or trust to manipulate victims into making quick decisions.
For users whose accounts have already been compromised, National CERT outlined an official recovery procedure. Affected individuals are advised to reinstall WhatsApp, re-verify their phone numbers, and reset security settings. The advisory noted that if attackers activate two-step verification without adding a recovery email, victims may face a mandatory seven-day lockout before regaining full access. During this period, neither the victim nor the attacker can read incoming messages.
National CERT further advised users who suspect account compromise to immediately inform their contacts, report the incident to WhatsApp, and monitor their financial and digital accounts for any signs of misuse. The advisory concluded by urging the public to stay alert, as cybercriminals continue to evolve their tactics in response to increasing digital adoption across Pakistan.
Follow the PakBanker Whatsapp Channel for updates across Pakistan’s banking ecosystem.