In the sample, the boss's message was altered to increase the supposed raise from $500 to $1,500.
Check Point informed WhatsApp of the vulnerabilities in August 2018.
The Check Point Research team claimed to have observed three possible methods of attack exploiting this vulnerability, all involving social engineering tactics to fool end-users.
WhatsApp's parent company Facebook told researchers that the rest of the two shortcomings could not be fixed due to limited infrastructure.
Facebook was already aware of the bugs, but the company failed to act on them past year because "limitations that can't be solved due to their structure and architecture". Furthermore, the spokesperson stated that addressing the concerns, perhaps by way of storing information on the origin of the text messages, would make WhatsApp less private.
A group of researchers at security firm Check Point has highlighted vulnerabilities in popular messaging app WhatsApp.More news: Jeffrey Epstein is dead, according to multiple news reports
More news: Israel soldier-settler found dead in southern occupied West Bank
More news: Samjhauta Express carrying Indian, Pakistani nationals reaches Delhi 4.5 hours late
People always have the option of blocking a sender who tries to spoof messages and they can report problematic content to us.
Third, a private message could be sent to a group participant disguised as a public message and when the targeted individual responds it becomes visible to everyone in the conversation.
"WhatsApp end-to-end encryption ensures that only you and the person you're communicating with can read what's sent, and nobody in between, not even WhatsApp".
"WhatsApp is the most popular instant messenger in the world". The vulnerability relies on the fact that a participant in the group can, of course, access the decrypted version of the messages. This tool explains how hackers can hack private and group chats. We also work to ban accounts trying to change WhatsApp and use it to spam users.
"This does not mean that users should stop using WhatsApp, as, while security bugs are of course risky, they are not uncommon in any type of software", said Chebyshev.
At this point, it's not yet clear if Facebook is still working on a way to resolve the flaws or the company is just going to let them there for eternity.