Banking customers across the UAE are being urged to stay vigilant after reports surfaced of a serious WhatsApp "zero-day" security breach that could allow cybercriminals to take over smartphones through a single voice call.
Emirates NBD has issued an urgent advisory warning that attackers may compromise devices without users answering or interacting with the call in any way.
Why This WhatsApp Zero-Day Threat Is Alarming
Unlike typical scams that rely on fake links or deceptive messages, this attack exploits an undisclosed software flaw known as a zero-day vulnerability. Because developers are unaware of the weakness until it is actively exploited, hackers gain a critical head start before a security patch becomes available.
According to UAE cybersecurity officials via Gulf News, attackers are using WhatsApp's calling feature as the gateway.
Once a device is compromised, criminals may gain access to private photos, personal conversations, and sensitive financial data. The most concerning aspect is that victims may not notice any signs of intrusion, as the attack does not require user action.
Emirates NBD has reiterated that it will never ask for personal information or authentication codes via calls or messages. If something feels unusual, it likely is.
Why the Holiday Season Increases Cyber Risk
Experts believe the timing of the attack is intentional. During the holiday season, users receive more greeting messages, international calls, and travel-related communications. This surge in activity makes it easier for malicious calls to blend in unnoticed.
Cybercriminals often exploit moments when people are distracted, and festive periods create ideal conditions.
Unknown calls are less likely to trigger suspicion, giving attackers a greater chance of success.
How to Protect Your Phone From WhatsApp Exploits
Emirates NBD has outlined several practical measures users should take to safeguard their devices and financial information.
Keep Apps and Software Updated
Always install the latest updates for WhatsApp and your phone's operating system through official app stores. These updates often contain essential security patches that close newly discovered vulnerabilities.
Enable WhatsApp Two-Step Verification
Turning on two-step verification adds a mandatory PIN to your account, making it far more difficult for attackers to take control of your WhatsApp number.
Silence Calls From Unknown Numbers
WhatsApp allows users to mute calls from unfamiliar contacts. Activating this feature can significantly reduce exposure to suspicious or malicious calls.
Use Only Official Banking Channels
Conduct financial transactions exclusively through verified banking apps or official websites. Banks will never request OTPs, PINs, or login details through calls or messages.
Examine Links Carefully
Avoid clicking on links with unusual spellings or unfamiliar domain extensions such as ".xyz" or ".kom," which are commonly used in malware and greeting scams.
Report Suspicious Activity Immediately
If you suspect your phone or account has been compromised, contact your bank immediately and report the incident to the relevant authorities. Acting quickly can limit potential damage.
Originally published on Tech Times
