More than a billion people use the WhatsApp mobile messaging app that helps you send text messages, photographs, videos and audio.  Due to its extreme popularity, it is not surprising that WhatsApp has become an attractive platform for scammers. I have reported to you for years about the various scams targeting WhatsApp users.  Earlier this month Facebook, which owns WhatsApp discovered a vulnerability in the WhatsApp software that had been exploited by spyware developed by NSO Group, a company that licenses its software to government agencies.  It appears that relatively few WhatsApp users were targeted by an unknown group using spyware, most likely a governmental agency.  WhatsApp has made changes to block the particular spyware.  A spokesman for WhatsApp said, “WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices.”


WhatsApp has patched the particular vulnerability exploited by NSO Group and it is important to update your version of WhatsApp to the latest version as suggested by WhatsApp.  It is always a good idea to download and install the latest security updates and patches for all of the programs you use as soon as they become available.  Also, in 2017 WhatsApp added dual factor capabilities and you should use this if you are a WhatsApp users.  Passwords are just too vulnerable to be the sole method of authentication for important apps or accounts.  Whenever you are able to use dual factor authentication for a particular website, account or app, you should take advantage of this.  Some dual factor authentication protocols do not require it to be used when you are accessing the account from the computer or smartphone that you usually use, but only if the request to access the account comes from a different device, which still provides security without even having to use the special code.

If you are not a subscriber to and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of and click on the tab that states “Sign up for this blog.”