Your WhatsApp phone number could appear in Google Search | Tech News

Your WhatsApp phone number could appear in Google Search

This bug can be used to find a WhatsApp user's other social media accounts.

By: HT TECH
| Updated on: Aug 20 2022, 21:22 IST
The researchers said that since WhatsApp identifies only phone numbers, Google Search revealed just the phone numbers, and not the identities of the users of the social messaging site.
The researchers said that since WhatsApp identifies only phone numbers, Google Search revealed just the phone numbers, and not the identities of the users of the social messaging site. (Reuters)

WhatsApp has a host of features in its arsenal that make it errrrres has a bug that makes a WhatsApp user's phone number appear in Google Search results.

Bug-bounty hunter Athul Jayaram told Threatpost that a bug in WhatsApp's Click to Chat feature was putting the phone numbers of the users of the social messaging site at a risk by allowing Google Search to index them. This in turn would allow anyone to search for users' phone numbers on the web thereby putting them at a great privacy risk.

You may be interested in

MobilesTablets Laptops
25% OFF
Google Pixel 128GB
  • Black
  • 4 GB RAM
  • 128 GB Storage
Samsung Galaxy S23 5G
  • Green
  • 8 GB RAM
  • 128 GB Storage
OnePlus 11R
  • Sonic Black
  • 8 GB RAM
  • 128 GB Storage
11% OFF
Google Pixel 7A
  • Charcoal
  • 8 GB RAM
  • 128 GB Storage

To give you some brief information about the feature, Click to Chat allows users to initiate a WhatsApp chat with another user without saving their phone numbers in the sender's address books. This allows websites to interact with their visitors without having the visitor to dial in the phone number.

Also read
Looking for a smartphone? To check mobile finder click here.

Now, Jayaram says that the phone numbers of the visitors who use this feature to connect with websites can show up in Google Search results as the search indexes the feature's metadata. The bug bounty hunter says that users' phone numbers are visible in plain text in the URL -- https://wa.me/<phone_number> -- making it easier for scammers to compile a list of legitimate phone numbers. He has found 300,000 indexed on Google for far.

“As individual phone numbers are leaked, an attacker can message them, call them, sell their phone numbers to marketers, spammers, scammers,” he said in a statement to the publication.

Furthermore, Jayaram said that since WhatsApp identifies only phone numbers, Google Search revealed just the phone numbers, and not the identities of the users of the social messaging site. However, this information can be used to access users' profiles

“Through the WhatsApp profile, they can see the profile photo of the user, and do a reverse-image search to find their other social-media accounts and discover a lot more about [a targeted individual],” he added.

The researcher discovered the bug on May 23 following which he contacted Facebook via its bug-bounty program. However, the company responded by saying that WhatsApp was not covered in the company's data abuse program.

“While we appreciate this researcher's report and value the time that he took to share it with us, it did not qualify for a bounty since it merely contained a search engine index of URLs that WhatsApp users chose to make public. All WhatsApp users, including businesses, can block unwanted messages with the tap of a button,” WhatsApp said in a statement to the publication.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 07 Jun, 13:29 IST
NEXT ARTICLE BEGINS