WhatsApp’s upcoming Username feature has triggered fresh debate over privacy and cybersecurity, with experts warning that it could be misused for impersonation, identity fraud and social engineering scams if not backed by strong safeguards. The feature is designed to let users communicate without sharing phone numbers and is expected to be rolled out more broadly later this year.
Privacy Feature Sparks Fraud Concerns
WhatsApp has begun allowing users to reserve unique usernames, which will enable future communication through usernames instead of mobile numbers. The company says the feature is intended to strengthen user privacy by reducing the need to share phone numbers.
FCRF’s Flagship Cyber Law Certification Returns With a New Four-Week Cohort
Cybersecurity specialists, however, believe the feature could also be exploited by fraudsters in countries such as India, where WhatsApp is widely used. Criminals may create usernames resembling those of well-known individuals, companies or government institutions to deceive users and carry out investment scams, fake customer support frauds and other financial crimes.
Experts Warn of Impersonation Risks
Technology experts have cautioned that without effective anti-abuse systems, username-based communication could become a major cybersecurity challenge. They noted that many users are unfamiliar with verification badges and identity authentication practices, making it easier for fraudsters to impersonate trusted entities through deceptively similar usernames.
Cybersecurity analysts also pointed out that criminals have previously used AI-generated fake advertisements and fraudulent investment campaigns to lure victims into messaging groups. They warned that such tactics could become more effective if username-based communication becomes widely adopted without adequate identity verification.
WhatsApp Plans Username Controls
WhatsApp has clarified that there will be no public directory of usernames, meaning users will need to know a person’s exact username before initiating contact. The platform also plans to introduce an optional Username Key feature, allowing users to control who can send them messages.
Users will be able to reserve their preferred username through Settings > Account > Username in the latest version of the application. Experts believe that if the feature is launched with strong identity verification, effective reporting systems and advanced fraud detection tools, it could improve privacy while maintaining secure communication.
Cybercrime expert and former IPS officer Prof. Triveni Singh said most cyber crimes today begin with social engineering rather than sophisticated hacking. He advised users not to rely only on usernames to verify identity and urged them to independently confirm any financial request or investment proposal through official channels.
