WhatsApp accounts are stolen daily – not through technical hacks, but through simple tricks. Scammers steal verification codes via SMS, link other people's devices using manipulated links, or lure victims with fake polls. The victims lose control of their accounts, while the attackers send messages to all their contacts in their name – often requesting money or containing further fraudulent links. This article reveals the current scams, explains step-by-step how to recover a hacked account, and outlines the settings that will permanently secure your account.
The basic principle is always the same: Whoever gets hold of WhatsApp's six-digit SMS verification code can activate the account on another device and lock out the actual owner. The fraudsters don't need any technical knowledge for this – just a pretext convincing enough for the victim to voluntarily hand over the code or enter it on a manipulated website.
Particularly dangerous: The messages often come from a contact in your address book that has already been hacked. A message from a friend or family member seems trustworthy – and that's exactly what the perpetrators are counting on.
The most common scams
Scheme 1: The forwarded verification code
The classic method. An already hacked account messages one of its contacts and claims that a code was accidentally sent to the wrong number. The request: quickly send back the six-digit code that has just arrived via SMS on the victim's phone. Anyone who forwards the code immediately loses control of their own WhatsApp account. The attacker activates the account on their own device and locks the victim out.
The golden rule: Never share the six-digit verification code with anyone – under any circumstances, not even friends or family. WhatsApp itself only requests this code within the app, never via message or call.
Scheme 2: The fake vote
A message – seemingly from an acquaintance – asks you to vote for a friend's child in a dance competition or similar online poll. The link leads to a professionally designed website. There, you are asked to enter your phone number for "verification." The next step requires a code, supposedly to confirm your vote – in reality, it's the WhatsApp pairing code. Anyone who enters it grants the scammers full access to their account.
Scheme 3: Ghost Pairing via connected devices
This newer variant exploits WhatsApp's "Linked Devices" feature. A manipulated link tricks the victim into entering their phone number. The attacker then uses this information to initiate a device pairing. Unlike a traditional takeover, the victim's WhatsApp account often continues to function normally – while a third-party device reads and sends messages in the background.
The insidious thing is that many victims only notice the access when friends receive strange messages or further fraud attempts are made via their own account.
How can I tell if my account has been hacked?
Several signs point to an account takeover: WhatsApp unexpectedly logs you out and login attempts fail. Contacts report messages that weren't sent by the account holder. Unknown messages appear in the chat history, or messages you never wrote have been deleted. Devices you didn't pair appear under "Linked Devices." WhatsApp sends an unsolicited verification code via SMS.
One of these signs alone does not necessarily mean a takeover – but if several occur simultaneously, action should be taken immediately.
Recovering a hacked WhatsApp Account
Step 1: Check connected devices and log out
If access to WhatsApp is still active: Open WhatsApp and under Settings > Linked devices, log out all unknown devices. This will immediately stop access from unauthorized devices.
Step 2: Reinstall WhatsApp and verify your number
Uninstall WhatsApp and reinstall it from the App Store. Enter your phone number. WhatsApp will send a new six-digit verification code via SMS. Enter this code. Once verification is complete, the attacker will be automatically logged out and can no longer send messages in the victim's name.
Important: This step only works if your SIM card is still active and can receive SMS messages.
Step 3: PIN for two-step verification
The attacker may have set their own PIN for two-step verification after taking over the account. In this case, WhatsApp will ask for a PIN upon login that the victim doesn't know. There are two options here: If an email address was registered with the WhatsApp account, the PIN can be reset via "Forgot PIN." If no email address was registered, you must wait seven days before the account can be recovered without a PIN.
Step 4: Check SIM card (in case of SIM swapping)
If your smartphone suddenly loses network coverage, displays "No Service," or stops receiving SMS messages, it may be a SIM swapping attack. In this case, the attacker has switched your phone number to a new SIM card. Immediately call your mobile provider, have the old SIM card blocked, and request a new one with the same number. Additionally, set up a SIM PIN or provider password to make further attacks more difficult.
Step 5: Warn contacts and file a report
Inform as many contacts as possible via another channel (SMS, call, email) that your WhatsApp account has been hacked. This will prevent friends and family from falling for fraudulent messages or transferring money. Then file a police report – this is important because crimes may have been committed using the hacked account.
Securing your Account: The most important Settings
Enable two-step verification
The most effective security measure. Under WhatsApp > Settings > Account > Two-step verification > Activate, set a six-digit PIN. Additionally, enter an email address that can be used to reset the PIN if lost. With two-step verification enabled, an attacker needs both the SMS code and the PIN – even if the verification code is intercepted, the account is protected.
Check connected devices regularly
Regularly check under Settings > Linked Devices to see which devices are connected to your account. Immediately disconnect any unknown or unused devices.
Activate App lock
WhatsApp offers the option to lock the app with Face ID or Touch ID under Settings > Privacy > App Lock. This prevents anyone from opening the app, even if the iPhone is unlocked.
Enable Security Notifications
Go to Settings > Account > Security notifications and activate the switch. WhatsApp will then notify you when a contact's security code changes – for example, because the person has set up a new phone or reinstalled WhatsApp. If the contact hasn't changed devices, this could indicate an account takeover.
Setting up Passkeys
WhatsApp now supports Passkeys as an alternative to PINs. Biometric authentication for login can be activated under Settings > Account > Passkeys. Instead of a PIN code, a cryptographic key is stored on the device – particularly secure, but less practical when frequently switching devices.
Recognizing scams: Basic rules
All WhatsApp scams follow a similar pattern: urgency, pressure, and a pretext that forces action. A few simple rules can protect against most attacks.
Never share verification codes, PINs, or passwords with anyone – not even friends or family who ask for them. If you receive unexpected messages with links or requests for help, contact the sender through another channel (call, text) and ask if the message is genuine. Do not enter phone numbers on unknown websites, even for seemingly harmless polls. Always be skeptical of messages that apply time pressure ("act immediately," "today only").
Besides account takeovers, scammers also use WhatsApp for other schemes – such as fake investment groups where they build trust with promises of profits before pressuring victims to make deposits. The German Federal Financial Supervisory Authority (BaFin) regularly warns against such groups. Anyone added to such a group without their consent should leave immediately and report it.
WhatsApp account hacked – the most important information at a glance
Most WhatsApp account takeovers are not based on technical vulnerabilities, but on social engineering – attackers trick their victims into voluntarily revealing codes or information. The six-digit SMS verification code is the key to the account and must never be shared under any circumstances. Two-step verification is the most important security measure and should be activated immediately. Those who have already fallen victim to a takeover can, in most cases, recover their account by reinstalling WhatsApp and re-verifying their phone number.
Frequently Asked Questions: WhatsApp account hacked
Yes. Attackers can gain access via the "Linked Devices" feature if the victim confirms a pairing request or enters a pairing code on a compromised website. The victim's own WhatsApp account often continues to function normally during this process.
An additional security layer requires you to enter a self-chosen six-digit PIN in addition to the SMS code. Even if an attacker intercepts the SMS code, they cannot take over the account without the PIN. Activate under Settings > Account > Two-Step Verification.
No. A WhatsApp account takeover only affects the WhatsApp account. The attacker has no access to the iPhone, other apps, or files on the device.
The attacker set their own PIN after taking over the account. Tap "Forgot PIN." If an email address was registered, the PIN can be reset immediately. Without an email address, you must wait seven days before the account can be recovered without a PIN.
Legitimate polls never require WhatsApp verification or a phone number. If you receive a link from someone you know that asks you to enter personal information, contact them via another channel (phone call, text message) and ask if the message is genuine.
Yes. Filing a police report is important because crimes may have been committed in someone else's name using the hacked account. The report documents that the account was not under the control of the rightful owner at the time of the crime.
Not exactly. The app lock under Settings > Privacy > App Lock prevents someone with physical access to the unlocked iPhone from opening the app and reading chats. It doesn't protect against takeover via verification code or ghost pairing – for that, two-step verification is the most important measure.



