How to spy on WhatsApp conversations

Judging by the number of messages I receive every day on this topic, how to spy on WhatsApp conversations must have become a sort of national obsession: there are those who write to me asking me for explanations about it with the ill-concealed intention of poking my nose in the chats of boyfriends and friends and those who do it because they are concerned about their privacy and want to receive advice on how to increase the security of their conversations. In short, whatever you put it, WhatsApp is always at the center of attention and therefore it seems only right to dedicate a new post to it.

With today’s guide, therefore, I will focus on the techniques used by malicious people to spy on WhatsApp messages and on which are the most effective “weapons” to defend against such attacks. Fortunately, all you need is a bit of common sense, you don’t have to invent any tricks to communicate reasonably quietly on WhatsApp.

How do you say? Does this sound interesting and would you like to learn more about it? Very well! Then take five minutes of free time and consult, step by step, all the information you find below. I hope they will be useful to you, if only to have a clearer idea of ​​the techniques of the “spies” to be careful of. Enjoy the reading!

Index

  • Preliminary information
  • How to spy on WhatsApp conversations
    • How to spy on WhatsApp conversations over Wi-Fi
    • How to spy on WhatsApp conversations without installing programs
    • How to spy on WhatsApp conversations by knowing the number
    • Other tactics for spying on WhatsApp conversations
  • How not to be spied on WhatsApp conversations

Preliminary information

Before getting to the heart of the guide, going to explain how malicious people spy on WhatsApp conversations, there is some preliminary information that it is my duty to provide you to allow you to have perfectly clear ideas on the matter.

First, keep in mind that, in late 2014, WhatsApp, thanks to a collaboration with the developers of Open Whisper Systems, began adopting an end-to-end encryption system called TextSecure.

The system in question is based on the use of a pair of keys: a public key, which is shared with your interlocutor and a private key , which instead resides on the smartphone of each individual user.

Everything happens in real-time and without the user having to lift a finger, as the entire system works completely automatically “behind the scenes” of the application, but thanks to this technology, messages travel from the smartphone to the servers of WhatsApp encrypted and can only be read by legitimate senders and recipients. For more details about it, you can read my specific guide on how to encrypt WhatsApp.

The only security uncertainty of this mechanism lies in its implementation by the application. WhatsApp, in fact, is closed source software and it is not possible to examine the content of its source code. By virtue of this, we cannot exclude with absolute certainty the presence of any flaws or sensational errors in the implementation of the TextSecure system. However, these are remote hypotheses: WhatsApp is reasonably safe and therefore there is no need to be paranoid about the level of secrecy of one’s communications.

In this regard, based on some tests, such as the one conducted by Heise in 2015, it emerged that at the time end-to-end encryption was used only on the Android version of WhatsApp, while in all other cases it continued to be used. a system based on the RC4 algorithm, operating exclusively on output and considered unreliable for some time now. To date, however, the situation is totally different and end-to-end encryption is used on all platforms for which WhatsApp is available.

How to spy on WhatsApp conversations

Having made the necessary clarifications above, I would say that we can go to the point and go and find out, therefore, how to spy on conversations on WhatsApp, or rather what are the various tactics that the attackers adapt to succeed. Find all the explanations you need right below.

How to spy on WhatsApp conversations over Wi-Fi

As already mentioned, WhatsApp adopts an end-to-end encryption system, whereby messages travel in an encrypted manner from the sender’s smartphone to that of the recipient, passing through the service servers. This means that nowadays spying on WhatsApp conversations via Wi-Fi is no longer feasible, so even “sniffing” the wireless network to which the phone is connected it is not possible to discover its content.

Some time ago, however, one of the most sophisticated techniques for spying on WhatsApp conversations was precisely that of “sniffing” the wireless network to which the victim’s smartphone was connected. With the term “sniffing” we intend to examine, using software designed for the purpose, all the data that pass in clear text on a Wi-Fi network (such as WhatsApp messages).

This is an operation not really within everyone’s reach, but not as difficult as one might believe. In fact, there are numerous software, some of which are also free, such as the excellent Wireshark, which I told you about in my guide on how to sniff a wireless network, which allow you to analyze the data circulating on a wireless network in a very intuitive way.

How to spy on WhatsApp conversations without installing programs

A valid technique that could allow an attacker to spy on WhatsApp conversations without installing programs is to clone the MAC address of the victim’s phone. If you have never heard of it, the MAC address is a 12-digit code that uniquely identifies the network cards of computers and all devices capable of connecting to the Internet.

By installing special applications on your smartphone, an attacker can therefore disguise his MAC address and “deceive” WhatsApp, making the application believe that you are using another phone (in this case, the cell phone of the person to be spied on). Fortunately, this is not an easy procedure, also because it requires a lot of time, as well as prolonged contact with the smartphone of the targeted subject.

To give a concrete example, if an attacker is using an Android phone, he must first have unlocked the device via root and must have installed applications that allow you to change the MAC address (eg. BusyBox and Mac Address Ghost, which I told you about more specifically in my guide on how to clone WhatsApp ). Next, must be concerned to find out the MAC address of the victim’s phone (found in the screen info of Settings Android), must set the obtained data on their smartphones, WhatsApp install and activate the application using the number of the person spying.

For added security, I recommend using a VPN. If you don’t know what it is, it consists of an Internet connection through a virtual private network which, by encrypting communications and disguising the user’s real geographical location, acts as a shield against all sorts of spies. It also allows you to bypass regional censorships and restrictions. There are many VPN solutions available: among these I point out NordVPN (which I told you about in detail here ) and Surfshark which are cheap and work on all devices.

However, considering the difficulty in implementing what has just been described, until recently the spies of WhatsApp preferred to adopt a more “artisanal”, but also much more effective tactic: borrowing a cell phone from the victim, with any excuse and using it start WhatsApp Web or the WhatsApp client for Windows or macOS.

As I explained to you in my tutorial on how to use WhatsApp on PC, WhatsApp Web and the WhatsApp client for a computer allow you to read and send messages from your PC using your smartphone as a “bridge”. To use them, in fact, just open WhatsApp on the mobile phone and scan a QR code that is displayed on the computer screen. Furthermore, through the function that allows you to stay connected, you can store the user’s identity and access conversations without requiring a new scan of the QR code each time. As things currently stand, however, the technique in question can no longer be considered valid, as notifications relating to access are sent and biometric identification is required.

How to spy on WhatsApp conversations by knowing the number

If you are wondering if there is a way to spy on WhatsApp conversations by knowing the number, or rather by having only the latter as data available, the answer is yes. Among the potential threats, you should be on guard against are apps and services to monitor WhatsApp.

These are tools that allow you to know the times of access to a person’s WhatsApp simply by typing his phone number. They do not require physical access to the victim’s smartphone and it is not possible to defend against their action (WhatsApp access times are public data after all), but at least one can console oneself with the fact that neither messages nor contacts are spied on.

In most cases, such solutions can be used for free, but to be able to take advantage of the most advanced features, such as exporting the data obtained and to be able to use them without limitations, you need to subscribe.

Other tactics for spying on WhatsApp conversations

There are also other tactics that can allow you to spy on WhatsApp conversations. More precisely, as I explained to you in my tutorial on how to spy on a mobile phone, there are apps that allow you to spy on everything that happens on your smartphone, some milder and easier to use and others more invasive and dangerous.

Among the less fearful solutions are the apps for parental control, such as Qustodio, which is available for both Android and iOS and Screen Time, also usable on both Android and iOS , which allow both monitoring and restrict the use of various apps, including WhatsApp. Fortunately, they are not able to record what is typed on the smartphone keyboard or to directly capture WhatsApp messages but, if properly configured, they can still be very invasive. They also don’t cost much, you can try them for free and then they have very affordable prices.

Far more dangerous than parental control apps, there are spy apps, i.e. applications designed with the express purpose of spying on everything that happens on the smartphone: the texts typed on the keyboard, the sites visited, the calls made, the messages exchanged. on WhatsApp and much more. As can be easily understood, these are very dangerous applications (among other things they are completely invisible to the user’s eyes), but fortunately they are not within everyone’s reach as they only work on root-unlocked devices and are quite expensive, as in the case of iKeyMonitor, which is one of the most popular spy apps in the category.

In short, if someone manages to have physical access to a given user’s phone and install one of these apps, they could monitor their WhatsApp conversations, monitor your online activities and even take pictures of you in secret.

How not to be spied on WhatsApp conversations

Based on what has been said in this guide, to avoid being spied on WhatsApp conversations it is essential to manage your smartphone conscientiously and prevent the violation of your privacy by implementing some precautions, the ones I have reported here. under.

  • Updating WhatsApp– keeping the WhatsApp app up-to-date allows you to circumvent any flaws that malicious people may find and use to spy on your conversations. If you don’t know how to do this, you can read my guide specifically dedicated to how to update WhatsApp.
  • Avoid using public Wi-Fi networks– sniffing wireless networks shouldn’t be more effective with end-to-end encryption, but to be even more secure I suggest you avoid connecting your mobile phone to public wireless networks and/or to networks without adequate protection (better to use the 3G / 4G / 5G network if you are not at home). Also, if at home you have not yet changed the default key of your router, immediately change the password of the Wi-Fi network following the instructions in my tutorial on how to change the password to the modem.
  • Disconnect devices from WhatsApp– if you suspect that someone is using your WhatsApp account without your consent, you can run for cover by opening the application on your smartphone and closing all currently active access to WhatsApp Web or WhatsApp for computer (in this way, to continue reading the messages from the PC, you will be prompted to scan the QR code again). To do this, proceed as follows: if you are using an Android terminal, press the button with the three vertical dots located at the top right, select the WhatsApp Web item from the menu that appears, then the session you want to deactivate and tap on the Disconnect item or press directly on the Disconnect to all devices button at the bottom; if you use an iPhone, go to the Settings tab located at the bottom right and select the WhatsApp Web / Desktop item present in the latter, then select the device to disconnect and tap the Disconnect button or directly touch the Disconnect from option all devices. For more details, read my guide on how to disconnect WhatsApp Web.
  • Activate the screen lock on WhatsApp– WhatsApp includes a function that allows you to block access to the app via face or fingerprint and which is very useful for preventing unauthorized third parties from accessing your chats. To enable this feature, went to the section Settings> Account> Privacy> Screen lock WhatsApp and port ON l ‘ switch to activate the screen lock. For more information, see my post on how to put the block on WhatsApp.
  • Configuring a secure PIN– using a sufficiently secure PIN for your smartphone can prevent “upstream” that any malicious people can get their hands on the phone and, therefore, also on WhatsApp. To change the PIN of your mobile phone, proceed as follows: if you use Android, go to Settings> Security> Screen Lock and select the PIN item (or Sequence, if you want to use a gesture instead of the code); if you use an iPhone, go to the Settings> Face ID / Touch ID and code section and select the voice and Change the code. For more information, read my post on how to lock the screen.
  • Disable the display of SMS on the lock screen– by cloning the MAC address of the cell phone, an attacker could activate WhatsApp on his phone using his number. To do this, however, it should read the verification code delivered via SMS on your mobile phone. Consequently, by disabling the display of SMS on the lock screen you can prevent such situations from occurring. To do this, do this: if you are using Android go to the Settings> Security> Lock Screen> PIN section, set a PIN and choose to hide sensitive content; if you are using an iPhone, go to the Settings> Notifications> Messages section and deselect the Screen lock item. If you think you need more details, read my post on how not to show messages on the lock screen.
  • Check for spy apps– if you think there are spy apps on your smartphone, go to the list of apps installed on your device to check it out. To do this, proceed as follows: if you are using Android, go to the Settings> Apps> All section and delete all suspicious apps, then go to the Settings> Security> Device administrators menu and take a look at the list of apps that have the permission to control the system and if among these you find any that you have not personally authorized, deselect it and uninstall it; if you are using an iPhone, go to the Settings> General> iPhone Space section and delete the apps you think may be spying on you, by clicking on their name and on the words Delete app. For more details, read my post on how to delete spy software from cellphone.
  • Reactivate your account if deactivated– if someone has activated WhatsApp on another device using your phone number, you will no longer be able to use it on your mobile. So, in the event that your account should be deactivated, immediately contact WhatsApp assistance to report the matter. For more information, see my guide on how to contact WhatsApp.

 

Leave a Reply

Your email address will not be published. Required fields are marked *