Why Your WhatsApp number is visible at Google Search Results?
As WhatsApp is the most widely used chatting utility around the world for smartphones, users do not question much about the security of the users’ data and it leads to various kinds of unintended data leaks. Most of the people do believe that due to end-to-end encryption on both sides, all the messages and all kind of users data transmission is safe with WhatsApp, but the truth is there is no system which is practically flawless.
If you are using WhatsApp’s Click to Chat feature frequently, then your phone number or the WhatsApp number may be showing up in Google search results in some specific cases. There have been thousands of such reported issues happened around the world, and only God knows how many unreported cases are there. Athul Jayaram, an independent cybersecurity researcher from India recently reported around there has been a leak of around 29000–300000 via Whatsapp web portal of WhatsApp user’s mobile numbers in plaintext that can be accessed by any internet user.
The Click to Chat feature lets the users create QR codes or URL links in this structure – wa.me/<phoneNumber> that let others can use to reach those numbers through WhatsApp without using a smartphone or even without saving the number in the contact list. The feature itself is actually very useful for people who use WhatsApp for business communication because saving all the numbers in the contact list is just not possible. But using this feature can make your phone number publicly searchable and retrievable on Google search results.
As in present-day, your Phone Number carries various identification details of yours and it is an essential thing online banking and various login features, the leakage of your Phone Number in some specific type of criminals can cause grave risk for you. So, you need to make sure such a thing does not happen to you.
How does such a data leak happen over WhatsApp’s security?
There can be a logical glitch in the algorithm, as it is the only possible conclusion. But, over many debates on various Reddit posts, many experts claimed that this is an intentional bug planting due to some unknown reason. Reportedly the so-called “intentional bug” pulls the phone number from the Click to Chat link’s metadata, which is then saved to Google search index due to Google’s search assistant algorithm. IT Security researchers officially addressed this “leak,” while Facebook, WhatsApp, and Google all provided their statements to Threat Post saying it’s expected behavior, but the question still looms, Why?
However, as per Techcrunch, the WhatsApp already has resolved this issue, which happens because they didn’t regulate the Google search engine to not index these links.
How to SafeGuard your Phone number from being displayed on Google Search Result?
Actually, for users like me and you, it does not matter if this is an expected or unexpected behavior of the security systems; or whether it is an intentional bug or not. We just need to safeguard our phone number from being displayed on the Google search result.
- To get rid of the security risks due to phone number leak and to avoid unwanted SPAM calls you need to follow this only possible step, “Do not use the Click to Chat Feature”.
- Also if you are already been using Click to Chat, then delete any existing Click to Chat links from publicly accessible websites that you have used in the past. On the other hand, you can look for an alternative to Google Voice to be used with your WhatsApp number, if you want to continue using Click to Chat anyway. In this way, the chance of compromising your personal phone number is quite less, but your phone number would be saved in some third party server used by the Goggle Voice alternative application.
- There is another way, which is to get a second phone number and use the Click to Chat facility with that number, and do not use this number for and credential login or banking.
Many freelance IT Security researchers have offered suggestions regarding the solution of this glitch to all three concerning companies, till date no change or any update has been received officially from any of these companies. Possible none of those suggestions are going to be implemented soon enough, so it is your own duty to safeguard your personal information from getting disclosed over the internet.