PTA Teams Up with Meta to Launch New Security Feature Curbing WhatsApp Hacking in Pakistan

By Tanveer Ahmed :

The Pakistan Telecommunication Authority has joined forces with Meta to introduce a new security measure aimed at combating the growing number of WhatsApp account hijackings across the country, with Pakistan becoming the first nation to test the “Meta OTP” system.

The initiative responds to a sharp rise in account takeover incidents reported nationwide, with fraudsters increasingly using deceptive tactics to trick users into handing over their verification codes.

How the Dual Verification Works

The new system introduces a two-step authentication process called Meta OTP. When a user requests access to their account, they receive the standard One-Time Password. If that initial code is compromised—whether through user error or manipulation—a second password automatically generates three minutes after the first.

This timing creates a critical opportunity for recovery. Users who realize their first code has been stolen can immediately enter the second password to regain control of their account, effectively locking out unauthorized users before they can carry out fraudulent activities.

The Growing Threat

Authorities have documented a significant increase in WhatsApp account takeovers across Pakistan. The Digital Rights Foundation reported 233 cases of WhatsApp hijacking since January 2025 alone. In January, the National Cyber Emergency Response Team issued a nationwide alert warning that attacks were “active, widespread and targeting users across all demographics.”

Fraudsters typically rely on social engineering rather than technical hacking. Common methods include impersonating courier staff, bank representatives, or customer service agents to trick victims into sharing their OTP codes. Once inside, scammers message the victim’s contacts demanding money or conducting identity-based financial fraud.

“All versions of WhatsApp are affected, including Android, iOS, WhatsApp Business, Web and Desktop,” National CERT warned, rating the severity as “high.” Accounts without two-step verification remain especially vulnerable.

Why Pakistan Leads the Way

Technical discussions between PTA and Meta have already wrapped up, with final consultations expected to conclude shortly. As a result, Pakistan will serve as the launch market for this security enhancement before Meta expands the dual OTP system to other countries.

Officials indicated that Meta agreed to implement this extra security layer following repeated discussions focused on strengthening user protection, reflecting the seriousness of the issue within Pakistan.

Additional Safety Measures

Beyond the new dual OTP feature, cybersecurity experts recommend several precautions:

• Activate WhatsApp’s two-step verification feature with a recovery email
• Regularly check linked devices in account settings
• Never share verification codes or PINs with anyone
• Stay alert to urgent messages requesting money or codes
• Avoid clicking links in unsolicited messages

For compromised accounts, National CERT advises reinstalling WhatsApp, re-verifying the phone number, and resetting security settings. Users may face a seven-day lockout if attackers enable two-step verification without a recovery email.

The partnership between PTA and Meta represents a more active approach to cybersecurity, aiming to protect millions of Pakistani WhatsApp users from increasingly sophisticated online fraud schemes.

About Author