Don't use this WhatsApp chat option or your phone number will list in Google's search results
While the Cambridge Analytica scandal cost Facebook a bunch of subscribers, its offshoots like WhatsApp or Instagram were largely spared. The sheer magnitude of the user private data misuse, however, forced WhatsApp co-founder Jan Koum to leave Facebook that year.
WhatsApp itself has been in a privacy conundrum or two, and now the security researcher Athul Jayaram has found a big that will index your WhatsApp-associated phone number with Google’s search engine.
WhatsApp’s Click to Chat feature lets Google search index your phone number
Your mobile number is visible in plain text in this URL, and anyone who gets hold of the URL can know your mobile number. You cannot revoke it. As individual phone numbers are leaked, an attacker can message them, call them, sell their phone numbers to marketers, spammers, scammers…
Through the WhatsApp profile, they can see the profile photo of the user, and a do reverse-image search to find their other social-media accounts and discover a lot more about about [a targeted individual]
Probed to comment on the matter, WhatsApp basically said that this is not a big deal, as the users have opted to exchange their business phone numbers for convenience:
While we appreciate this researcher’s report and value the time that he took to share it with us, it did not qualify for a bounty since it merely contained a search engine index of URLs that WhatsApp users chose to make public. All WhatsApp users, including businesses, can block unwanted messages with the tap of a button.
A more elegant option that site owners can do to prevent Click to Chat users from acquiring their phone numbers, according to Mr Jayaram, is to first, encrypt their phone numbers, and then add the infamous robots.txt string to basically tell Google that this info can’t be indexed.