Check WhatsApp Web / Desktop logins
As I also explained to you in my tutorial on how to use WhatsApp on PC, the online service Web WhatsApp and the official client of WhatsApp for Windows and macOS allow you to use WhatsApp on your computer by creating a new session and "repeating" what is present on your smartphone.
This means that you can access your chats only if the phone is connected to the Internet and if the official WhatsApp or WhatsApp Web client has been associated with the smartphone by scanning a specific QR code. This is an extremely convenient solution, works well, but can present privacy risks: it works, in fact, even if smartphone and computer are not connected to the same Wi-Fi network.
This means that, potentially, an attacker could gain access to your communications simply by convincing you to lend him your smartphone for a few seconds, by logging into WhatsApp Web or the official WhatsApp client using his computer (or tablet). and keeping the check mark on the option active Stay connected.
By checking this option, in fact, the smartphone remembers the association made with the computer and allows subsequent accesses to WhatsApp Web and / or the WhatsApp client for PC without requiring a new scan of the QR code. This system, however, only works if no biometric data protection system is set up on your device: if, on the other hand, an unlocking system using the face or fingerprint is active on the device, this method authentication will be required, for confirmation purposes, also for access to WhatsApp Web / Desktop.
You can well understand that such a thing compromises your privacy on WhatsApp, offering the possibility to the attacker to read all the messages you receive and send. It is true that the WhatsApp application on the smartphone sends notifications when new connections are established to WhatsApp on the PC, but these could escape the user, giving the green light to any "spy".
That said, it should be noted that, fortunately, there is a very simple way to check for unauthorized access to WhatsApp Web or the official WhatsApp client for PC and possibly stop them. By accessing the settings of WhatsApp on your smartphone, in fact, you can view the complete list of active logins and decide to stop them instantly.
In this way, all the computers connected to the smartphone will lose the access authorization to your WhatsApp and they will be asked to re-scan the QR code (an operation that the attacker on duty will not be able to perform because they no longer have your smartphone).
Going into more detail, to check the list of accesses to WhatsApp Web and WhatsApp for PC on your smartphone, you must start the app WhatsApp su Android, press the icon ⋮ located at the top right and choose the item Web WhatsApp, in the box you see. Up iPhoneinstead, you have to press on the tab Settings, below, and tap on the item WhatsApp Web / Desktop.
At this point, take a look at all active WhatsApp Web and WhatsApp Desktop sessions and, if you find any suspicious ones, stop them. You can perform this operation on Android by pressing on the active session or on the iPhone swipe from right to left on the one to be interrupted and press the button Disconnect which appears laterally.
Do you want to stop all WhatsApp Web and WhatsApp Desktop sessions at the same time? No problem. Press on the voice Disconnect from all computers, confirm (by answering Disconnect notice you see on the screen) and that's it.
Check for spy applications
If you haven't found anything strange in the WhatsApp Web sessions but you still suspect that someone may be spying on your conversations, try to check for spy-applications on your smartphone or PC.
Spy applications, as their name suggests, are software that act secretly on the smartphone or PC and allow you to record all the operations performed on the latter: the texts typed, the apps started, the telephone numbers called. and so on. Some of them are really very difficult to identify as they act, precisely, in secret, but there are some clues that can betray their presence.
If you want know if WhatsApp is spied on, what you have to do is read carefully the instructions that I will show you in the next chapters, regarding Android and iOS devices and PCs.
Android
If you use an Android terminal, the first step I recommend you to do is check for applications with administrative permissions, that is, with permissions that allow them to control all the activities performed on the device. To do this, launch the app Settings (Quella with l 'icona dell'ingranaggio located on the home screen or in the drawer) and select the items Safety and privacy> Device administrators.
Once this is done, check if among the apps listed in the screen that is shown to you there are applications that you do not know and that could hide bad intentions. If there are app names you don't know and you want to be sure of their nature, do a simple Google search.
If among the applications with administrative permissions you find any suspicious ones, deactivate it immediately by removing the check mark from its icon or setting it to OFF and uninstall it immediately. To uninstall it, go to the menu Impostazioni> App Android, select it from the list of apps installed on your device and press the button Uninstall.
From the same screen you can also check if there are "suspicious" applications that do not have administrator permissions but which are still installed on your smartphone: if you find any, proceed to remove them by following the instructions I have just given you (or by going to read my tutorial on how to uninstall Android apps).
If you have submitted your smartphone to the root procedure, I recommend that you also open the application SuperSU / SuperUser and check the list of apps that have root permissions. Among them, there may also be some suspicious apps that someone may have installed on your device while it was unattended.
Again, if you notice any "suspicious" name, act promptly by revoking the root permissions of the app that you consider potentially dangerous and uninstalling it from the device. To monitor the recent activity of apps that need root permissions, select the tab with the log by SuperSU / SuperUser.
Other clues that could reveal the presence of a spy app on the phone are excessive battery consumption, for an abnormal overheating by the latter or abnormal network traffic.
Let's be clear, these are very generic "symptoms": they could also be caused by apps that have nothing to do with phone monitoring activities, but it is still better to investigate when they occur.
For this purpose, I suggest you use the Wakelock Detector app which constantly monitors the status of your smartphone and lets you know which applications keep the processor “awake” by overheating the device and leading to abnormal battery consumption. To find out in more detail how it works, read my tutorial on how to save Android battery.
Abnormal data traffic can be a “normal” factor for some apps, but if you spot any that you've never used, the situation can start to get suspicious. Through the appropriate section in the app Settings on Android (Wireless and networks> Data usage) you will be shown the consumption list of each app. In this case, if you were to read the names of unknown apps that carry out data traffic, first make sure that they are reliable (perhaps through a search on the web) and, if necessary, uninstall them.
You can also decide to have a good antivirus on your smartphone, so that it can protect you from any malicious apps. In this regard, I recommend that you consult my guide on the best antivirus for Android.
If despite all these precautions you continue to fear of being spied on, I'm sorry, but all you have to do is save all the data and reset your smartphone. This will delete all apps and data from your phone, restore Android to its factory state and, if any, also delete the spy apps on the device. If you need it, in my tutorial on how to reset Android you will find all the information you need on how to format an Android terminal.
iOS
iOS, the operating system of the iPhone, makes installing spy apps quite difficult, unless the phone has been jailbroken (which makes it more vulnerable), but that does not mean that it is immune.
If you want understand if WhatsApp is spied on iPhone, open the menu of settings (the'icona dell'ingranaggio located on the home screen) and go to General> iPhone Space. After a few seconds of waiting, a list of all the apps installed on the device will appear: if you notice any suspicious ones, press on it and press the button Delete app to remove it.
If you are using an iOS version prior to 11, you can access the same menu by going to Settings> General> Device and iCloud Space and pressing on the voice Manage space related to the field Device space .
Another way to find potential spy apps on the iPhone is to check the list of custom profiles installed in the system. Custom profiles are used for advanced applications, such as those that involve the use of VPN, to have greater freedom of action within iOS.
Then go to the menu Settings> General> Profiles and check if there are any “suspicious” profiles set up on the iPhone. If you can't find the custom profiles menu, it means that no app installed on your phone currently uses them.
Finally, especially if you have a jailbroken iPhone, I recommend opening the browser (Safari) and try to connect to the following addresses: localhost: 8888 e localhost: 4444. These are two addresses used by some apps for remote monitoring of mobile phones, through which the apps in question reveal their presence and allow you to adjust their settings.
Other advice I can give you is to open the dialer and dial the number *12345, which allows you to reveal the presence of some spy apps. If after typing one of these codes you find yourself in front of a login screen or a real control panel, it means that a spy app is installed on your iPhone.
To remove it, open Cydia, search for packages related to the latter and remove them. If you need a hand, you can read my tutorial on how to use Cydia where I showed you some basic concepts related to how this alternative store for jailbroken iPhone (and iPad) works.
If after doing all these tests your iPhone is "clean" but you still suspect that someone is spying on your activities, I'm sorry but you just have to make a nice backup of the data and then a nice reset of the device. Find explained how to reset iPhone in my tutorial dedicated to the topic.
PC
If you use Web WhatsApp or the client's WhatsApp for PC and you are afraid that your conversations can be spied, what you have to do is check that no software is "capturing" the information you type or that are displayed on your computer monitor. I mean keylogger, spyware or similar threats that, after having infiltrated the operating system, can collect any data to send it to malicious people.
In all these cases, the ideal solution is to get a good one antivirus and a good one antimalware support, like the ones I mentioned to you in this guide of mine and this other one. However, since antivirus and antimalware are not foolproof, especially on the newest threats (especially if you don't update their database), if you have the feeling that your PC is being spied on, you can check if there are software installed that you do not know.
In this regard, you can check the list of running programs or access the list of applications and installed software in the system. If you see one you don't know, the immediate solution is to uninstall it. All the procedures to carry out these operations can be found in my guide on how to understand if the PC is spied, in which I have also indicated other solutions that you can put into practice to be sure that your PC is safe.
Alternatively, if none of the solutions I have proposed help you and you still have the feeling that your PC is being spied on, the only thing you can do is format your computer. I told you about it in detail in my guide dedicated to the subject.
Check the connection in use
As I was able to explain to you in numerous circumstances, WhatsApp now uses a system of end-to-end encryption which makes messages, photos and videos visible only to legitimate senders and recipients. To explain it in simple words, each message has its own unique padlock and key that can only be used by those who send and receive the messages: all the others, including WhatsApp servers, see the messages in encrypted form, therefore incomprehensible. In short: even trying to "sniff" a wireless network in which WhatsApp is used, any attackers would obtain nothing but illegible information.
Without prejudice to what has just been said, however, we must not take unnecessary risks. On the other hand, the discovery of new security holes is on the agenda and even the WhatsApp system, one day or another, could be compromised. My advice is therefore to pay attention to the Wi-Fi networks you connect to and to avoid public Wi-Fi networks which, as is well known, are the favorite hunting ground of the "spies".
If you are not sure which network you are connected to, access the appropriate section of your smartphone to check this information. Up Android, then start the app Settings e seleciona le voci Wireless and networks> Wi-Fi. On iPhone, instead, launch the app Settings and choose the item Wi-Fi.
In both operating systems, the highlighted network (or the one with a check mark on it) is the access point you are connected to. If it is a network that you do not know or, even, there is no padlock next to its name, it means that it is a public and free network. In this case, choose a reliable and secure access point or activate the data network, as I have explained to you in this guide.
When you are not at home or in the office, in fact, prefer the SIM data network rather than public hotspots: you will consume some data traffic, but you will gain some in safety. Alternatively, you can still use open networks, as long as you use a VPN: it is a "tunnel" through which all traffic carried by your device when connected to the Internet is encrypted.
Other useful tips
By now, you should be able to figure out if your WhatsApp is being spied on. That said, never forget to practice all of those small tricks of common sense which allow you to sleep relatively peacefully and reduce the chance of being spied on. What are these tricks I am talking about? Here they are listed quickly.
- Do not leave the phone unattended - it might be a trivial piece of advice, but it is often the one that can occur most frequently. On the other hand, it takes just a few moments to install a spy app or to make unauthorized access to WhatsApp Web / Desktop with a phone.
- Set a secure PIN - another apparently trivial but fundamental device. If you set a secure PIN on your smartphone, you will not be able to allow malicious people to unlock the device to install spy apps or access WhatsApp Web / Desktop. To set a secure PIN on Android, go to the menu Settings> Security and Privacy> Screen Lock Password> PIN; to get it on iOS go to Settings> Touch ID and code> Change code (o Add code).
- Use biometric protection - many devices are now equipped with biometric protection through facial recognition or fingerprint. These systems make a smartphone safer. I told you about it in detail in this guide of mine.
- Check your WhatsApp Web / Desktop logins often - just as explained in a previous chapter.
- Don't be scared if someone says they know your WhatsApp login times - there are apps that allow you to find out the dates and times of access to WhatsApp by a user simply by typing their mobile number. They exploit public data available on WhatsApp servers, therefore, they cannot be properly defined as spy apps and do not allow in any way to capture conversations. They are a bit "disturbing", it is true, but not dangerous if we want to simplify the speech as much as possible (then they don't always work properly)!
- Don't use WhatsApp for ultra-confidential communications - WhatsApp is a closed source application, its source code cannot be thoroughly examined and therefore it is not possible to know if there is any security flaw capable of exposing user communications to privacy risks. In light of what has just been said, it is better to turn to equally secure but open source solutions, such as Signal for Android and iOS which uses the same end-to-end encryption system as WhatsApp but is open source and therefore there is more control over it by the community. Even Edward Snowden uses it, the main architect of the datagate that led to the publication of many confidential documents of the US government!
- Check the latest messages received - if you have opened WhatsApp and noticed that there are no notifications on new messages received, probably someone has read them for you. In this case, go back to the beginning of this guide of mine and re-read every tip I gave you, to be sure to prevent your conversations from being spied on.