Social media stock. Stock photo of the WhatsApp app icon on a smartphone. Picture date: Friday March 15, 2019. See PA story TECHNOLOGY SocialMedia. Photo credit should read: Nick Ansell/PA Wire URN:41898780 (Press Association via AP Images)
Nick Ansell/AP
Social media stock. Stock photo of the WhatsApp app icon on a smartphone. Picture date: Friday March 15, 2019. See PA story TECHNOLOGY SocialMedia. Photo credit should read: Nick Ansell/PA Wire URN:41898780 (Press Association via AP Images)
Now playing
02:08
WhatsApp warns of spyware vulnerability
Facebook
Getty Images
Facebook
Now playing
03:14
More than 500 million Facebook users' personal data leaked online
Energy and Commerce Committee/YouTube
Now playing
02:50
US lawmakers question tech CEOs on misinformation
TOPSHOT - A demonstrator wearing a mask painted with the colours of the flag of East Turkestan and a hand bearing the colours of the Chinese flag attends a protest of supporters of the mostly Muslim Uighur minority and Turkish nationalists to denounce China's treatment of ethnic Uighur Muslims during a deadly riot in July 2009 in Urumqi, in front of the Chinese consulate in Istanbul, on July 5, 2018. - Nearly 200 people died during a series of violent riots that broke out on July 5, 2009 over several days in Urumqi, the capital city of the Xinjiang Uyghur Autonomous Region, in northwestern China, between Uyghurs and Han people. (Photo by OZAN KOSE / AFP)        (Photo credit should read OZAN KOSE/AFP/Getty Images)
OZAN KOSE/AFP/AFP/Getty Images
TOPSHOT - A demonstrator wearing a mask painted with the colours of the flag of East Turkestan and a hand bearing the colours of the Chinese flag attends a protest of supporters of the mostly Muslim Uighur minority and Turkish nationalists to denounce China's treatment of ethnic Uighur Muslims during a deadly riot in July 2009 in Urumqi, in front of the Chinese consulate in Istanbul, on July 5, 2018. - Nearly 200 people died during a series of violent riots that broke out on July 5, 2009 over several days in Urumqi, the capital city of the Xinjiang Uyghur Autonomous Region, in northwestern China, between Uyghurs and Han people. (Photo by OZAN KOSE / AFP) (Photo credit should read OZAN KOSE/AFP/Getty Images)
Now playing
01:16
Facebook: Chinese hackers targeted Uyghurs living in US
A Facebook employee walks by a sign displaying the "like" sign at Facebook's corporate headquarters campus in Menlo Park, California, on October 23, 2019. (Photo by Josh Edelson / AFP) (Photo by JOSH EDELSON/AFP via Getty Images)
Josh Edelson/AFP/Getty Images
A Facebook employee walks by a sign displaying the "like" sign at Facebook's corporate headquarters campus in Menlo Park, California, on October 23, 2019. (Photo by Josh Edelson / AFP) (Photo by JOSH EDELSON/AFP via Getty Images)
Now playing
02:36
Facebook to restore news in Australia
Chris, a Trump supporter, reacts to a fact check of a manipulated video shared by the Trump campaign.
CNN
Chris, a Trump supporter, reacts to a fact check of a manipulated video shared by the Trump campaign.
Now playing
03:58
What Trump supporters see on their Facebook feeds
CNN
Now playing
02:03
Watch this former exec compare Facebook to Big Tobacco
Screengrab Nick Clegg facebook
CNN
Screengrab Nick Clegg facebook
Now playing
07:34
Facebook exec explains the company's US election actions
Getty Images
Now playing
05:15
Misleading videos shared by Republicans get millions of views
Now playing
02:24
Under questioning, Zuckerberg admits Instagram was a 'competitor'
Now playing
03:31
Congresswoman grills Facebook CEO on copying competitors
From Facebook
Now playing
02:40
Zuckerberg blasts Trump administration for worsening pandemic
Glenn Chapman/AFP/Getty Images/CNN
Now playing
03:38
He says Facebook's Libra is the future. Lawmakers aren't so sure
YouTube/Financial Services Committee
Now playing
02:15
Zuckerberg struggles to explain whether Facebook fact checks political ads
Facebook's CEO Mark Zuckerberg delivers his speech during the VivaTech (Viva Technology) trade fair in Paris, on May 24, 2018. (Photo by GERARD JULIEN / AFP)        (Photo credit should read GERARD JULIEN/AFP/Getty Images)
GERARD JULIEN/AFP/Getty Images
Facebook's CEO Mark Zuckerberg delivers his speech during the VivaTech (Viva Technology) trade fair in Paris, on May 24, 2018. (Photo by GERARD JULIEN / AFP) (Photo credit should read GERARD JULIEN/AFP/Getty Images)
Now playing
03:21
This is how Facebook kills its competition
facebook zuckerberg origin business orig _00011530.jpg
facebook zuckerberg origin business orig _00011530.jpg
Now playing
01:47
It took Facebook 15 years to take over the world. Here's how
(CNN Business) —  

The WhatsApp vulnerability revealed earlier this week sounds terrifying.

Hackers could call a person on the WhatsApp messaging app and place malicious code on their phone in order to see their personal information — victims may not even have needed to answer the call for their phone to be infected, an expert told CNN Business.

But the vast majority of people were never at risk of having their private chats revealed by this attack. Regular users of messaging apps should still be concerned, however, and not just for themselves. No system is fully secure, experts say, and compromised high-profile targets could impact more than individuals.

Attacks like this are so sophisticated and expensive experts say, that they’re typically only used against individuals in the crosshairs of government intelligence agencies and other well-resourced entities. People like dissidents, political figures and journalists.

“This is the kind of advanced exploit that would be highly selective in nature and would be available to only advanced and highly motivated actors,” a WhatsApp spokesperson told CNN Business.

The messaging app, which is owned by Facebook, said it has patched the vulnerability. It also worked with groups representing human rights workers before making details of the attack public earlier this week.

Most people assume WhatsApp is more secure than most methods of communication, like email. It uses a technology called end-to-end encryption, which should mean messages can only be read by those who send or receive them and can’t be intercepted along the way. The encryption essentially turns the sending and receiving phones into keys, and only those keys can open the contents of a message.

But experts CNN spoke to say while end-to-end encryption is important, and that everyone should use it, users should not develop a false sense of security. If a person’s phone is hacked, that means the attackers could potentially read the messages that phone receives, even if they were sent through an encrypted service like WhatsApp or Singal.

Often, the biggest risk factor is the phone user themselves.

“The weakest link in the mobile phone messaging infrastructure is the end-users phone,” Kurtis Minder, the CEO of GroupSense, a cyber security company, told CNN on Wednesday. “If someone wants access to your messages and information, they are more likely to compromise the device than capture the traffic across the network and attempt to decrypt [the encrypted messages].”

Citizen Lab is an academic security research group that investigates digital threats to civil society groups and online freedom of expression and has been investigating the most recent WhatsApp attack. John Scott-Railton, a senior researcher there, says the focus on end-to-end encryption can mean people forget about the security of their device.

Minder suggests people should view their phone as a computer and install the mobile equivalent of anti-virus software on all of their mobile devices.

And then there are the people who should always be on alert about their communications.

Earlier this year it emerged that Jared Kushner, President Donald Trump’s son-in-law and senior advisor, had used WhatsApp to communicate with foreign leaders. Cybersecurity experts expressed concern that highly sensitive government communications could be at risk of exploitation by foreign governments and hackers.

“Jared Kushner on his personal phone using a free commercial service that is connected to a company with huge security breaches is a recipe for disaster,” Daniel Schuman, a former House staffer who chairs the Congressional Data Coalition, a nonprofit that aims to encourage smarter tech practices in Congress, told CNN at the time.

A London-based human rights lawyer was among the possible targets of the WhatsApp vulnerability. And Amnesty International claims it was targeted via a WhatsApp message containing NSO’s spying software in 2018 while working on a campaign to release six women’s rights activists detained in Saudi Arabia.

Minder warns that similar high profile targets should exercise additional caution about communicating over any app.

“If someone is targeting you specifically, it is likely they will succeed,” said Minder. “So be careful what you share over mobile messaging, WhatApp or otherwise.”