WhatsApp users, enjoying the feature ‘click to chat’ have accidentally exposed their personal numbers in Google search results. Click to chat feature is not very much famous, but this feature allows visitors to have a conversation with website operators through this messaging service. For instance, a visitor has a query about the listing; they can scan QR code through WhatsApp to solve the issue. However, just recently, a researcher has found out that this feature is compromised by a researcher who landed a user’s phone number in public search results. Due to this, those numbers could be used for cyber attacks and scams.
Using this WhatsApp feature will leak your Phone Number in Google search results
Though WhatsApp keeps on boasting about its data privacy, two-factor authentication and end to end encryption, however on an off we come across such privacy lapses, and this time we have come to know that personal data is not safe either on this messaging platform.
WhatsApp users are exposed by WhatsApp owned “wa.me” domain which store click to chat metadata in a URL string. As there are no measures to prevent a search engine from indexing these numbers in metadata, they are leaked to public search results.
The researcher who found out this security lapse revealed that:
“Your mobile number is visible in plain text in this URL, and anyone who gets hold of the URL can know your mobile number. You cannot revoke it. As individual phone numbers are leaked, an attacker can message them, call them, sell their phone numbers to marketers, spammers and scammers.”
Well, since WhatsApp is exposed, it should quickly take some action to save users from this scam. Furthermore, the company has not commented on this. So, let’s wait and watch how things will go better.
Also Read: Now Call Elevators with WhatsApp Messages