WhatsApp’s Link Preview Feature Poses Privacy and Security Risks
When using WhatsApp to send messages, it’s common to share links with your contacts. WhatsApp automatically generates a preview for these shared links, allowing users to get a quick glimpse of what the link is about. However, this feature also comes with a downside – it shares your IP address with the recipient.
The issue arises when WhatsApp sends a “get request” to the website linked in the shared link to load the preview image. Along with this request, the sender’s IP address is also transmitted, despite the chats being end-to-end encrypted.
So, why is this a problem? Along with the IP address, other data such as the WhatsApp version and operating system information is also transmitted. This can lead to tracking of the device and potential targeted attacks from hackers, exploiting security vulnerabilities based on the version of WhatsApp being used.
For users who prioritize data protection and security, it’s crucial to disable the automatic link preview feature in WhatsApp. To do this, navigate to Settings on Android or You on iOS, then go to Privacy and Advanced settings. Here, you can find the option to Disable link preview, which will prevent any previews from showing up in chats.
By disabling link previews, both you and your chat partner will only see the URL or link text when sharing a link. However, you will still see previews when receiving links unless the sender has also disabled these settings.
Additionally, to protect your IP address further, you can opt to forward calls exclusively through WhatsApp’s servers. This can be done by enabling the Protect IP address in calls setting in the Privacy and Advanced settings.
In a recent incident, nine million Android devices were hijacked in a proxy attack. To safeguard your phone and data, it’s essential to take these security measures seriously.
This article was originally published on PC-WELT and has been translated and adapted for English readers.
