There has been a significant rise in WhatsApp account hacks, with 74 complaints received in just the past few weeks, according to Charuka Damunupola, Senior Information Security Engineer at the Sri Lanka Computer Emergency Response Forum (SLCERT). This surge in cases has raised concerns about the security of personal communications on the platform.
The hackers are primarily using online discussion invitations as a tactic to gain access to users’ accounts. These invitations often contain malicious links or prompts that lead users to fake login pages, where personal information, including login credentials, is stolen. In some cases, users are tricked into downloading malware that compromises their devices.
Damunupola urged the public to stay vigilant, particularly when interacting with unknown contacts or unfamiliar links, and emphasized the importance of strong password practices and the activation of two-factor authentication (2FA) to secure their accounts. He also recommended that users regularly monitor their devices for any unusual activity and avoid sharing sensitive information over unsecured platforms.
The rise in WhatsApp-related cybercrime reflects a broader trend in which hackers are increasingly targeting messaging services, exploiting users’ trust and lack of awareness to gain unauthorized access to personal data and conversations. The Sri Lanka Computer Emergency Response Forum continues to monitor the situation and work with cybersecurity agencies to raise awareness and protect users from emerging threats.
