NCCIA Alerts Users on WhatsApp Hacks, Shares Steps to Secure Compromised Accounts

As incidents of social media account takeovers continue to rise, the National Cybercrime Investigation Agency (NCCIA) has issued fresh guidance for WhatsApp users on securing compromised accounts and limiting further damage.

In an advisory released on Monday, the agency urged users to act swiftly if they suspect unauthorized access or suddenly lose control of their WhatsApp account. According to the NCCIA, the first step is to uninstall and reinstall the application, followed by logging in again using the registered phone number.

Once the number is entered, WhatsApp sends a six-digit verification code via SMS. The agency stressed that this code should be entered immediately. Doing so automatically forces a logout from any other device, as WhatsApp allows an account to remain active on only one mobile phone at a time.

The NCCIA also addressed a common concern faced by affected users. In some cases, WhatsApp may display a message asking the user to wait up to seven days before regaining full access. This typically occurs when a hacker has enabled WhatsApp’s two-step verification feature and the PIN is unknown to the original user.

However, the agency clarified that there is no need to panic in such situations. Even if the seven-day waiting period applies, entering the SMS verification code already blocks the attacker’s access. During this period, neither the user nor the hacker can access the account or read messages.

The NCCIA advised users to remain cautious, enable security features proactively, and report suspected cyber incidents through official channels. The agency said such measures are critical as messaging platforms increasingly become targets for fraud, identity theft, and social engineering attacks.

Also read:

Senior NCCIA Officers Under Fire for Rs120 Million Bribery and Extortion Case