WhatsApp usernames are already raising impersonation red flags - BERITAJA

Albert Michael By: Albert Michael - Thursday, 02 July 2026 05:02:24 • 5 min read
WhatsApp usernames are already raising impersonation red flags - BERITAJA

WhatsApp usernames are already raising impersonation red flags - BERITAJA is one of the most discussed topics today. In this article, you will find a clear explanation, key facts, and the latest updates related to this topic, presented in a concise and easy-to-understand way. Read more news on Beritaja.

WhatsApp this week started rolling retired username reservations up of the broader motorboat planned later this year. The characteristic — which lets group find and connection each different by grip alternatively of telephone number — is already raising impersonation concerns, drafting scrutiny from information experts and regulators successful India, the app’s largest market, pinch much than 500 cardinal users.

The rollout marks a displacement successful really group place 1 different connected WhatsApp. Instead of relying connected telephone numbers arsenic the superior identifier, users will progressively interact done platform-managed usernames, a alteration that Meta says improves privateness but that critics reason could create caller opportunities for impersonation.

In early testing, TechCrunch recovered usernames resembling salient politicians, celebrities, business figures, and nationalist institutions — including “indiamodi”, “shahrukh.actor”, “teamamitabh”, “ambanijio”, and “rbi_verify” — were still disposable to reserve. These reference Indian Prime Minister Narendra Modi, Bollywood actors Shah Rukh Khan and Amitabh Bachchan, billionaire Mukesh Ambani’s telecom institution Jio, and the Reserve Bank of India, respectively. Separately, Binance laminitis Changpeng Zhao said connected X that he couldn’t reserve “cz_binance,” the grip he already uses connected that platform.

Asked about really it protects against impersonation, Meta told TechCrunch it reserves usernames for nationalist figures, authorities entities, and “some variations” of those names truthful only the morganatic proprietor could declare them. The institution did not explain, however, really it decides which lookalike usernames get proactively reserved and which don’t.

The concerns person already reached regulators successful India, wherever cyber fraud schemes frequently utilization messaging platforms to impersonate police, banks, and authorities officials.

In a announcement sent to WhatsApp connected Wednesday and reviewed by TechCrunch, the Ministry of Electronics and Information Technology (MeitY) said the characteristic could “materially summation the incidence of online fraud, phishing, integer apprehension scams and impersonation attacks” by enabling bad actors to interaction users without exposing their telephone numbers.

The ministry besides warned that usernames could facilitate impersonation of “individuals, nationalist authorities, financial institutions, and authorities agencies” by allowing usernames intimately resembling those of genuine group aliases organizations. It directed WhatsApp to explicate why regulatory action should not beryllium initiated nether India’s IT laws and asked the institution not to rotation retired the characteristic until consultations were completed.

A elder authorities charismatic separately told TechCrunch that the Indian IT ministry is cognizant of the rumor and is engaging pinch WhatsApp complete the feature.

That involution has drawn its ain pushback from New Delhi-based integer authorities group Internet Freedom Foundation (IFF), which said the announcement lacked a clear ineligible ground and risked giving the executive wide powers to dictate merchandise design. (It’s a dilemma that operators building successful regulated markets cognize well: rules made case-by-case, by letter, are harder to scheme about than rules made successful the open.)

“Impersonation and fraud are existent risks, but they are met by enforcing the criminal rule against those who perpetrate them,” the group said successful a statement. “They are not met by MeitY deciding, successful backstage and by letter, what features Indians whitethorn use.”

The statement echoes a similar observation the Delhi High Court made successful a lawsuit involving Telegram, wherever the tribunal said that utilizing usernames alternatively of telephone numbers could make it easier to conceal personification personality and dispersed illicit contented faster. That lawsuit wasn’t about WhatsApp, but the parallel has been resurfacing successful nationalist chat arsenic WhatsApp prepares its ain launch.

Privacy, trust, and level power

Rachel Tobac, main executive of SocialProof Security, called usernames a nett privateness summation because they trim the request to stock telephone numbers, which could expose users to SIM-swap attacks, phishing, and relationship takeovers. Still, she said, lookalike usernames still create opportunities for impersonation.

“Ultimately, usernames are a awesome thought to debar leaking your telephone number to folks you don’t know, but it’s important to verify personality pinch the username usability too,” Tobac told TechCrunch.

Her proposal for about users: prime a username that isn’t easy guessable, truthful it’s harder for attackers to find you, connection you cold, aliases harass and spam you.

Even WhatsApp acknowledges usernames won’t beryllium one-size-fits-all. In an FAQ posted connected X connected Wednesday, the institution said about users should take a username unsocial to WhatsApp. However, it besides lets users declare their existing Instagram aliases Facebook usernames by linking their accounts, saying the action is intended to thief creators, businesses, and organizations support a accordant personality crossed Meta’s platforms while reducing impersonation.

The Mozilla Foundation said the preamble of usernames is apt to bring caller tradeoffs. “Increased scams and impersonation from clone handles are perchance a large one,” it told TechCrunch. “Checking a telephone number could beryllium a useful verification tool, but these harms are besides permitted by the platform’s basal creation choices.”

Mozilla besides flagged a broader interoperability mobility — 1 worthy logging if you’re building connected apical of, aliases competing with, Meta’s ecosystem. While letting users declare their existing Facebook and Instagram usernames whitethorn trim down connected impersonation, it besides shows really easy Meta could stitch personality together crossed its ain apps, moreover arsenic users still can’t return that identity, aliases their contacts, to a rival platform.

For now, WhatsApp says it is taking a gradual attack to the rollout. “We’re taking our clip and listening to feedback truthful that erstwhile it rolls retired later this twelvemonth we get it right,” the institution said successful its FAQ.

When you acquisition done links successful our articles, we whitethorn gain a mini commission. This doesn’t impact our editorial independence.

This article discusses WhatsApp usernames are already raising impersonation red flags - BERITAJA in detail, including key facts, recent developments, and important insights that readers are actively searching for online.