WhatsApp is about to change forever—but there’s a serious twist to that update that is not usually mentioned, but which changes everything. There are also serious hidden threats for the platform’s 2 billion users, and you need to understand the risks…
WhatsApp is just about to change—the launch of a messaging hub for third-party chats is making headlines. The update has been driven by Europe’s DMA, which mandates gatekeepers—such as Meta—open up gateway apps—such as WhatsApp. On the surface, this is hugely exciting for WhatsApp users, promising a completely new one-stop-shop messaging experience.
Except it isn’t—and it doesn’t.
The catch with WhatsApp’s new update is that it’s just an offer to other platforms to push messages into WhatsApp if they want to. And, thus far, no platform of any size or scale seems to want to. Which basically renders the update almost pointless. Yes, some niche messaging platforms might play, but the idea that Signal and Telegram and iMessage will all suddenly be in one place is just fanciful.
I reached out to Signal, Apple, Telegram, Google and Signal—and none confirmed any interest in participating. Now, that could change, of course. But there’s little incentive for Apple or Google or Signal or Telegram to push its users to WhatsApp. As I have said before, the network effect and scale means that were they to do that, the likely winner would actually be WhatsApp.
So, this update is not what it seems—but there’s actually a much more serious issue. Any change of this scale and publicity brings out the scammers. And you can expect a flood of texts and emails and online links suggesting a way to integrate other platforms into WhatsApp. Avoid them all. This will simply be a way for threat actors to gain access to your messages or, worse, your entire device.
The scams will link to legitimate news sites and update articles—but the links will be dangerous.
As ESET’s global cybersecurity ambassador Jake Moore warns, “as with any change in technology, fraudsters will be quick off the mark to target those unsure of the new features. Allowing users to chat with people on WhatsApp through third-party apps like iMessage and Signal will inevitably cause some users to be unclear as to what is authentic and what is a scam… It remains the same as always, when in doubt, do more research and never be too quick to click on links.”
All the details as to what will happen in practice remain unclear—except that it will be almost nothing for some time. Even if the other leading messaging platforms did decide to play, there would be months of negotiating, planning and implementation. And if that all happened, it remains unclear how people will find one another across apps, especially given that the next wave of security updates—including for WhatsApp itself—looks like moving from phone numbers to user names, as Signal has just done. Do users have to expose their phone numbers to play? That would be a backward step.
For now, ignore the update. It’s unlikely to make any difference to your day-to-day life. You should continue to use your messaging apps exactly as now. If/when other platforms decide to play with WhatApp or other interoperable gatekeepers, make sure you only link through the official apps.
Here are the golden rules you should follow at all times:
- Do not click emailed or texted links promising to handle interoperability for you
- Do not install unofficial messaging app extensions or add-ons or interfaces
- Do not install any supposed messaging interfaces or integration apps
- Do not give your login details away every to anyone—ever
- Do not share 2FA security codes—ever
As Wired pointed out in the article that kicked off all these headlines, “how much of a problem spam and scamming will be across apps is largely unknown until people start using interoperable setups.”
WhatsApp’s own engineering director, Dick Brouwer, warned of the same in his interview with Wired. “One of the core requirements here, and this is really important, is for users for this to be opt-in. I can choose whether or not I want to participate in being open to exchanging messages with third parties. This is important, because it could be a big source of spam and scams.”
Moore agrees. “Balancing convenience and security is a mean feat in itself and this shift in ease of use could lend itself to scammers wanting to take advantage of these changes.” The good news is that nothing happens unless you want it to. “You can choose whether or not you participate in exchanging messages with third party apps. It might be advisable to activate it only if necessary.”