Is your WhatsApp number lost in Google search?

• The comparison
• Tutorials
• Is your WhatsApp number lost in Google search?

WhatApp has always had security holes. The social messaging app, to its credit, has regularly processed them. And once again, WhatsApp must do its firefighting job well, as an independent Indian cybersecurity researcher and bounty hunter has made the serious claim that many WhatsApp users' mobile numbers are available through a simple Google search. But for now, Facebook, which owns WhatsApp, has denied this, saying that search results only reveal what users have chosen to make public anyway. The researcher, Athul Jayaram, claimed that the WhatsApp web portal had revealed between 29,000 and 300,000 mobile numbers of plaintext WhatsApp users accessible to any plaintext user. "Affected users are from the US, UK, India and almost every other country. What makes it easy or seems simple is that the data is accessible on the open web, not on the black net," he says. Jayaram. Jayaram says a bug in WhatsApp's Click to Chat feature was jeopardizing the phone numbers of users of the social messaging site by allowing Google Search to index them. Click to chat allows users to start a WhatsApp conversation with another user without storing their phone numbers in the sender's address books. This allows websites to interact with their visitors without the visitor dialing the phone number.

Remember when WhatsApp groups were available on the internet using Google search? Well now the phone numbers are: pic.twitter.com/lYC8ACV7oW7 June 2020

Messages can also be filtered

Facebook removed the functionality to search for users with their phone numbers a year ago due to a privacy risk and a phone number leak. But a few days ago WhatsApp launched a new feature where friends can add you to their list by scanning a QR code. Jayaram says that the phone numbers of those who use this feature to connect to websites may appear in Google search results as the search indexes the feature's metadata. He says that users' phone numbers are visible in plain text in the URL: https://wa.me/. Of course, this would be a great help to online scammers. "Depending on your Whatsapp privacy settings, if the privacy settings are set to public, they may already have your profile picture, your name, your profile status. Since they have your mobile number, they can SMS , calls. The best way to avoid it is to delete your WhatsApp account or change your mobile phone number, "he warns. Revealed WhatsApp numbers from any country can be found using Google search query site: wa.me"For example, Indian mobile numbers can be accessed on Google by typing: site:wa.me "+91" in the search bar. Most users tend to have the same profile picture on their other accounts. Therefore, their other details can be easily discovered as well. Ominously, Jayaram says: "Some users also leaked their messages, presumably they used the web API to communicate and these links were explored." The industry standard is that any user data leaks, particularly from multiple users, must be dealt with quickly.

Google this - site: https: //t.co/lQejnYDjvs "+91" You will end up with thousands of @WhatsApp numbers that, I suppose, should not be available to the public. Wondering if @Whatsapp will fix it or keep it that way on purpose? Fun fact, it works for almost all countries. ? pic.twitter.com/g8MtotmxW5 June 7, 2020

WhatsApp seems indifferent

When Jayaram contacted the Facebook team, they were allegedly told that data abuse is only covered for Facebook platforms and not WhatsApp. Facebook's approach is a bit confusing. Today mobile number is essential for anyone as it is linked to their bitcoins, Aadhaar wallets, bank accounts, UPI, credit cards. Any vulnerability on this front can be disastrous for users, both financially and personally. This privacy issue could have been avoided if WhatsApp encrypted users' mobile numbers, added a robots.txt file to prevent bots from exploring your domain, and a noindex meta tag on pages, says Jayaram. WhatsApp was quoted by this report as saying: "While we appreciate this researcher's report and appreciate the time he took to share it with us, it was not eligible for a bonus as it simply contained a search engine index of URLs that WhatsApp users have chosen to make public. All WhatsApp users, including businesses, can block unwanted messages with the touch of a button."