WhatsApp is the most widely used chat application in Israel, with nearly universal installation on Israeli devices. However, recent developments may prompt reconsideration of such heavy reliance on the app. Over the past few months, Ynet has received numerous complaints from Israeli users experiencing account suspensions and takeovers, often due to accusations of sending spam.
Initially, this issue mainly impacted high-profile figures such as senior officials and executives in the economy and government. But the phenomenon seems to have spread, and now any Israeli user might be flagged as a "spammer" by WhatsApp.
The root cause of this chaos is clear. Following the beginning of the war in Gaza, cyberattacks on Israeli networks have escalated dramatically. A wide range of targets, including applications, connected devices, databases and online services have been attacked by hackers from pro-Palestinian, Russian, Iranian, Turkish or Indonesian origins. Many Israeli operators were caught off guard due to inadequate information security measures, resulting in significant thefts of personal data. Some cybersecurity experts even suggest that nearly all identifying details of Israeli citizens have been exposed.
One significant data breach involved the voter registry, stolen from the 2021 election application, which various political parties used for campaign management. This data, combined with information from other sources, provided pro-Palestinian hackers with ample material for disseminating spam messages, infiltrating Facebook and WhatsApp groups, and spreading intimidating messages. For example, hackers infiltrate neighborhood or building groups to sow fear with alarming messages. The current wave of attacks is more sophisticated, with many originating from countries like Indonesia, Bangladesh and Turkey, where databases with stolen Israeli details are circulated.
The attack method involves pro-Palestinian elements organizing groups of volunteers on social networks, particularly Telegram, and distributing lists of verified phone numbers for targeting. Previously, these attackers mainly sent malicious messages, but with Meta restricting messages from Indonesian numbers to Israel, they have adopted more difficult-to-block tactics. They take over Israeli WhatsApp accounts by either tricking users into revealing access codes or impersonating Israeli phone numbers. Subsequently, they attempt to take over the contacts' accounts on the device or report spam in groups where the Israeli number is a member. Meta's automated systems then block anyone suspected of sending spam until the situation is resolved.
The main challenge for affected users is that reactivating their accounts or preventing blocks requires dealing with WhatsApp support in cumbersome ways, often involving writing to support via email in English.
Raviv Fahima, a member of the Facebook cyber group "Think Safe," shared advice on handling these issues: "When an account is blocked, we can request another review, essentially filing an 'appeal' against the decision. If WhatsApp decides to uphold the block after this review, the account will be permanently blocked with no chance of recovery, so extreme caution is necessary. When submitting a request to lift the block, it's important to explain the situation accurately. One small mistake could lead to a permanent block."
According to Fahima, after submitting a request, it can take WhatsApp up to 24 hours to respond, though sometimes it may take longer.