There are times when humanity makes you want to give up on life and go live with animals surviving on berries. As a tech-guru (I will be calling myself that today), I have been asked by married men to hack into the WhatApp accounts of their girlfriends. Not spouses, but girlfriends. I know your brain just did six backflips and shouted, “WHAT!”.
Today we are going to talk about how your WhatsApp messages can be compromised and what you can do to protect yourself from your married blesser (Disclaimer: Techzim does not support or endorse extra-marital affairs or dating married men for money even in these trying economic times).
There are a few methods that can be used and the first and easiest is someone just reading your messages. The simplest way to protect yourself is to secure your phone with a password and only give that password to your trusted loved ones. If your phone has a fingerprint scanner, you can also go to WhatsApp Settings -> Account -> Privacy and scroll down to Fingerprint lock and set one up to lock your WhatsApp inbox. Once you lock your phone, no one has a right to demand your passwords, even if this person is your spouse. In Zimbabwe, a spouse still has a right to their privacy and you are not allowed to go through your partner’s phone without their permission.
The second method people use to snoop on you is via a feature called WhatsApp Web. This feature allows you to use WhatsApp on your computer via a web browser. This feature used to give an ever-present notification on your phone when someone connected your WhatsApp account to a web browser, but this seems to be broken now. You will have to periodically check for yourself if anyone has connected your phone to a web browser by clicking on the menu and selecting WhatsApp Web. If the option to Log Out of All Computers is available, click on it and then decide which of your loved ones you need to confront about this breach of privacy.
Next up on our list is something called MAC (Media Access Control Address) spoofing. Every phone with WiFi capabilities has a MAC address and a tech guru like myself can duplicate your phone’s MAC address and use it on another device. This method is quite complex to pull off but if it is done, you will lose access to your WhatsApp account as an account can only work on one device at a time. If this ever happens, then you will immediately know.
Another method that goes hand-in-hand with this one is social engineering (Hopewell Chin’ono mentioned this recently) which was used successfully on Jeff Bezos, the Amazon boss. Protecting yourself is quite simple. Open the WhatsApp App, go to Settings -> Account -> Two-Step Verification -> Enable and set a password. Each time you set up a new WhatsApp account, this password is needed. You will also be asked by the app from time to time to input this password when you open WhatsApp as it changes its encryption key used to protect on device backups.
Another not so well known method is when someone copies the unencrypted database that contains all your messages to a computer. This requires your phone to be rooted or jailbroken, as the database is stored in a secure part of the phone no one can access easily. There are a lot of people who use the feature-packed versions of WhatsApp namely GBWhatsApp, FMWhatsApp and WhatsApp Gold. I have personally noticed on phones that have been brought to me for repairs that these particular versions of WhatApp store unencrypted versions of your chats in the external storage, the same place where your music and pictures are saved. You may want to weigh the benefits of these apps over such security risks.
Lastly, I would not worry about the hundreds of “hack WhatsApp apps” that float around on the inter-web. Most of these are just meant to steal money from the gullible by asking them to pay a certain amount to hack into the accounts they wish to.
Did we miss anything? Beat us up in the comments!