WhatsApp is a huge app. Over 1.5 billion of us have the app on our Android smartphones and Apple iPhones and we send tens of billions of WhatsApp messages between us every day. Now the Facebook-owned messaging app is famous for its end-to-end encryption but, let’s be honest, Facebook isn’t exactly the most trusted company in the world right now. This begs the question for WhatsApp users all around the world: is WhatsApp safe to use?
We talk a lot at Softonic about cyber security issues. We’re here to keep you safe when you’re online and with us, like so many of you, being regular WhatsApp users, we thought we’d spend some time going through potential security weaknesses you should look out for when you’re using WhatsApp.
How safe is WhatsApp?
Every now and then malware and spyware-like bugs can find their way into the WhatsApp code. These can leave you open to potential hacking, which we’ll look at in a moment, but they can also end up causing other problems that may end up hitting your wallet.
One such WhatsApp bug saw the app regularly trying to backup all app data using a cellular data connection. This meant that even when users didn’t have Wi-Fi connections, their phones were constantly uploading WhatsApp data to Google Drive and iCloud. Many users ended up footing a huge bill because of this bug, as the uploading continued long after they’d used up all the data from their monthly allowance.
Other WhatsApp bugs might affect WhatsApp security deliberately. Hackers often try to add malicious code to WhatsApp so that they can take control of the app. Worryingly, a recent WhatsApp hack created a security flaw that gave the hackers backdoor control of the user’s WhatsApp accounts and allowed them to post fake status updates. Yep, hackers were able to post status updates using the victim’s WhatsApp.
Another WhatsApp security weak spot that you need to look out for is scam links and phishing attacks that you might receive via WhatsApp. As we’ve already mentioned, between us we receive billions of WhatsApp messages every day and many of these include links to third-party websites. Just like with emails, however, we need to be very careful with the links we click on WhatsApp.
One recent WhatsApp scam sent a link promising 1000GB of free mobile data. It was all a scam though, with the link leading to a fake website that was designed to steal personal information, phone numbers, and user’s credit cards.
Fake WhatsApp scams
Over the years we’ve reported on a lot of fake versions of WhatsApp doing the rounds. Like with the types of scam described above, these are designed to steal personal information but can also be used to bombard users with ads in a bid to raise revenue for the hackers. There are two main types of these fake WhatsApp scams.
The first type of fake WhatsApp scam sees the scam app trying to look as much like the real version of the app as possible. One example of this is the Update WhatsApp Messenger scam, which security experts and cybersecurity researchers discovered in 2017. The app had an ad in the Google Play Store that was almost identical to the original WhatsApp’s ad. Downloading it, however, would force the user to see a lot of unwanted ads and prompts to download further scam apps.
The other type of fake WhatsApp scam sees hackers trying to pitch their fake versions of WhatsApp as having new and improved features. Examples of this include the WhatsApp Gold scam, which has been distributed across WhatsApp a few times and the WhatsApp Colors scam, which promised the ability to change and set the background color of the app. Both were fake and were efforts to install adware on users’ phones.
WhatsApp’s Fake news problem
Another security risk that pops up again and again on WhatsApp is the app’s fake news problem. Fake news being spread across WhatsApp has had some truly catastrophic effects all over the world. People have been lynched in India and others were beaten to death following fake reports spread via WhatsApp that child abusers were traveling through parts of the country. The problem in India got so bad that law enforcement and government agencies were forced to intervene and force WhatsApp to take measures to address the problem.
Elsewhere, fake news spread on WhatsApp in Brazil helped to win far-right politician Jair Bolsonaro the presidency. He’s since unleashed terrible forces that have seen huge swathes of the Amazon rainforest burn. Although, not on WhatsApp itself fake news spread in Myanmar using Messenger, another Facebook-owned messaging app, contributed to the Rohingya genocide. This is a very serious issue.
Unsecure chat backups
As we’ve already mentioned, WhatsApp is famous for its robust end-to-end encryption. All messages sent via WhatsApp are protected by the encryption, which makes it next to impossible for unwelcome eyes to see what’s been sent. That is, however, until they’re backed up. Recently, WhatsApp signed a deal with Google that allows users to back up all of their WhatsApp data using Google Drive for free.
The security risk here is that the encryption Google uses to protect Google Drive data isn’t as strong as that used by WhatsApp. When you back up your WhatsApp chats using Google Drive you make them more vulnerable to hacking. The other thing to consider here is that you’re also giving Google access to all your WhatsApp data. You’d better believe that Google knows how to use that too.
We’ve gone through six potential security breaches that could affect users of the WhatsApp chat app. The key to safely avoiding all of them, however, is you. As we always point out in these security guides, you are your best line of defense against online cyber-attacks. You can easily defend yourself against all of these potential WhatsApp security problems if you use your common sense. Keep your app regularly updated, think twice about the dodgy links and messages you receive, and don’t believe anything that appears too good to be true.