Standard Operating Procedures (SOPs) for WhatsApp issues

The SOP is contained in following heads:

-         General Prevention Tips

-         Potential Scams and Preventive Measures

-         Account Takeover Incidents in WhatsApp – Post Incident

General Prevention Tips

1. Overall ways to Protecting Yourself from WhatsApp Scams.

To secure your WhatsApp you may follow the following steps

1.       Go to your WhatsApp

2.       Go to Settings (on WhatsApp).  Click to open.

3.       Go to “Privacy” and click

4.       Scroll down to “Advanced” and click

5.       Here click on both
“Protect IP address in calls” and
“Disable link previews”

Once you do this, hackers cannot hack your phones because your IP address is protected!! 

Once you protect your IP in WhatsApp, the chances of your WhatsApp getting hacked becomes minimal.

·       Call to Confirm

o   Always be wary of any message that induces panic, offers unrealistic deals, or asks for personal information.

o   Unusual urgency or pressure is often a sign of such an attempt.

o   Always call and verify who is on the other side before sharing any information.

·       Be wary of urgent money requests

o   Scammers always cause of sense of emergency on money requests.

o   Always question urgent requests for money.

·       Report to WhatsApp

o   Report any suspicious activity to WhatsApp right away.

o   They can work on shutting down these fraudulent accounts and ensure other users are not impacted.

·       Never answer a WhatsApp call from an Unknown Number

o   Attackers call random users from mobile numbers obtained from possible data leaks using international numbers to pose fake job offers etc.

o   It is suggestion not to attend any unknown call over WhatsApp and block such numbers immediately.

·       5. Change WhatsApp privacy settings

o   Change your privacy settings to view your last seen, profile picture, and to only contacts or nobody.

·       6. Set up 2FA

o   Two-factor authentication helps to improve the security of any online account, not just your WhatsApp account.

o    What’s app 2FA is particularly useful, as it occasionally frequently asks your second password even when what’s app is open and in use by you. Thus, it secures WhatsApp account, if phone is lost or misplaced.

Setting up this ensures an additional layer of protection when you log into an app. A one-time code is sent to your phone, email, or authentication app before you can log in to WhatsApp.

Potential Scams and Preventive Measures

2. Fake messages

Simple message such as a message from a manager or employee asking to purchase gift cards on an urgent basis as they are in an important meeting.

3. Fake Job Scam

·   Scammers often craft fake job messages designed to fool users into disclose personal information. These fake messages can be alarmingly convincing, asking you to input credentials or verify account details.

·   You give details and you are hacked.

4. How to Prevent falling for such scams?

·   Do not reply to any messages from suspicious numbers offering Jobs or any other type of offers. It is advised to block such numbers right away.

·   Do not download any app that seems suspicious or that an unknown individual suggests.

5. Missed voice and video calls from various Country codes.

·   Attackers send a message to the target claiming that they have dialled the wrong number or expressing urgency to communicate about an important matter.

·   They may pose as a friend, a family member, or even a representative from a trusted organization.

·   The message often includes a request to share a code or personal details, such as account credentials or financial information.

·   The scammer preys on the target’s curiosity or concern, hoping that they will unknowingly provide the requested information.

·   DO NOT BE CARRIED BY URGENCY TO DO THINGS IMMEDIATELY. ANY APPROPRIATE AUTHORITY, BANK, GOVT WILL NEVER ASK YOU TO DO THINGS WITHIN ONE/TWO HOURS.

·   Answering or returning these calls can result in such attacks.

·   The attackers gain unauthorized access to their WhatsApp account, using it for malicious purposes like spreading spam, scamming contacts, or extracting more sensitive details.

6. How to Prevent falling for such scams?

·   If the person is claiming to be any of your trusted individuals call back and verify their identity before sharing any information.

·   Do not make any transaction without verification if it’s request over a message.

7. Two-Step Verification Scam & Prevention

·   Attackers set up two-step verification on the victim’s account. The user might be locked out of their account for days, losing control over their data.

·   The victim receives messages from a suspicious number that contains a code.

·   The unknown number will apologize for sending their Verification code to your number and press you to share the code.

·   Once you share the code your account will be taken over by the attacker.

A. How to Prevent falling for such scams?

§  WhatsApp sends these codes as push notifications when you register your phone number on the app. This could happen if someone mistyped your number or is trying to take over your account. 

§  If you get a text message with an unexpected code, delete it. Block any WhatsApp user that asks you to send them a code or PIN. Finally, turn on two-step verification if you receive multiple one-time codes out of the blue.

8. Account Impersonation / Hacked Account

·   The most common scam currently is WhatsApp impersonation, where the attacker pretends to be someone you know or trust. This can be your parents, friends, or mostly colleagues of the company you work at or even the CEO of a company.

·   In this type of attack, attackers gather information on the CEO or the target they are going to impersonate via LinkedIn or any other social media.

·   The attackers then use their names and pictures and send messages to the victim.

·   The messages will be well crafted and will have a sense of emergency to make the victim ignore to fact-check such messages.

·   Mostly these messages will have financial gains or personal information leaks and have a high rate of success as they appear from a trusted source.

A. How to Prevent falling for such scams?

·   WhatsApp sends these codes as push notifications when you register your phone number on the app. This could happen if someone mistyped your number or is trying to take over your account. 

·   If you get a text message with an unexpected code, delete it. Block any WhatsApp user that asks you to send them a code or PIN. Finally, turn on two-step verification if you receive multiple one-time codes out of the blue. 

Account Takeover Incidents in WhatsApp – Post Incident

1. Immediate Action: Attempt Re-Login

·       Reinstall app

·       Open WhatsApp on your phone.

·       Enter your registered phone number.

·       Request the 6-digit verification code (OTP) via SMS.

·       Enter the OTP to regain access.

Note: If a Two-Step Verification PIN has been set by the attacker, you will not be able to log in. Proceed to step 2.

2. Contact WhatsApp Support

a. Use below Link to report

https://www.whatsapp.com/contact/forms/1534459096974129

b. Send an Email To: support@whatsapp.com

----------------------------------------------------------------------------

Subject Line: URGENT: Account Taken Over - +91XXXXXXXXXX

Email Body Template:

Hello WhatsApp Support,

My WhatsApp account linked to the phone number +91XXXXXXXXXX has been taken over by someone without my consent. I am unable to access my account, and I suspect unauthorized access.

Please temporarily deactivate the account to prevent misuse. I am the rightful owner and request immediate assistance to recover access.

Details:

- WhatsApp number: +91XXXXXXXXXX

- Device used: [e.g., Android/Samsung Galaxy S23]

- Approximate time of compromise: [e.g., 08 June 2025, around 2 PM IST]

- Two-step verification PIN: Unknown (possibly set by the attacker)

- Alternate contact email: your.email@example.com

Attached: [any screenshots, call logs, ID if asked later]

Please help secure and recover my account urgently.

Regards, 

[Your Name]

--------------------------------------------------------------------

3. Request Temporary Deactivation (If Necessary)

If you are unable to recover your account and want to prevent misuse, include the line:

"Lost/Stolen: Please deactivate my account"

WhatsApp will disable your account for 30 days.

4. Notify Contacts

• Use alternate channels (SMS, Telegram, Email) to inform your contacts.

• Advise them not to respond to suspicious messages from your number.

5. Report to Cyber Crime Authorities (Optional but Recommended)

• Visit: https://www.cybercrime.gov.in

• File a complaint regarding identity theft or impersonation.

• You can also report to your nearest cyber police station.

6. Post-Recovery: Secure Your Account

After recovering access:

• Go to Settings > Account > Two-step verification

• Set a secure PIN and recovery email.

7. For WhatsApp Business API Users (via BSP)

• Contact your Business Solution Provider

• Request revocation of sessions and 2FA reset.

• CC support@whatsapp.com when escalating.

A Business Solution Provider (BSP) is a third-party company officially authorized by Meta (WhatsApp's parent company) to offer WhatsApp Business API services to medium and large businesses. These providers act as intermediaries between businesses and the WhatsApp infrastructure

If your WhatsApp number is being used through the WhatsApp Business API (not the WhatsApp Business app), your account is hosted and managed by the BSP. So in case of a takeover, the BSP is your first line of support—not WhatsApp directly.

🔧 In a takeover scenario, BSPs can:

• Suspend or disable compromised sessions

• Investigate logs and access trails

• Re-provision the number to secure infrastructure

• Help you regain control over templates, sessions, and message history

• Report to Meta on your behalf if deeper escalation is needed