Common WhatsApp scams and how to avoid them

With over two billion users, WhatsApp offers a large number of potential targets for fraudsters. To make things more complicated, fraudsters are not known for complacency – instead, they learn new and sophisticated social engineering skills to trap us in their deception.

These apps are used by so many people of all ages and backgrounds and in such diverse contexts that staying alert to dangers is even more important. And because anyone with your phone number can message you on WhatsApp, fraudsters are also easy to reach.

Indeed, in December 2022, it was revealed that the database with more 500 million WhatsApp accounts was posted for sale on the dark web. For a few thousand dollars, scammers can access information about an unlimited number of active WhatsApp users. Even worse, controlling just one account might have an unexpected snowball effect.

So are you at risk?

Frankly, all WhatsApp users are at risk of being scammed. Scammers don’t often look for specific users – it’s mostly a case of trial and error. Usually, they would use their strategy against a number of people, hoping to entice a few of them. And all too often, they succeed: authorities around the world have received reports of scams running up to millions of dollars.

Now let’s review some of the fraudulent schemes that prey on WhatsApp users.

1. Smishing and verification code

Your phone is beeping: You’ve just received a text message with an unsolicited authentication code claiming to be from Microsoft, Google, or even WhatsApp. You ignore it, but then a second “beep beep” draws your attention to an incoming WhatsApp message from one of your contacts. The story is strange, but it seems urgent – ​​they really need the code you received earlier. Apparently, it was sent to you by mistake.

A similar scenario may unfold when someone you don’t know claiming they had “misconstrued a few digits of their number”. The scammer’s goal is to access your online account which requires an SMS code for authentication. If you provide it, they will steal your information or even impersonate you.

2. “Hey mom!” impersonation fraud

If you are a parent, you should never question messages from your child asking to transfer money to pay some urgent bills – even if the message is from an unknown number. “Hey mom, this is my new number,” it began.

Fraudsters will go the extra mile on these scams, happy to take the time to build trust and use generic answers that work for everyone. Before you know it, you’ve transferred an amount of money that you will never see again.

Other people around you, including other family members, may fall victim to the same scammers. So let them know this is happening and don’t be ashamed of it.

⚠️ Scam Alert: ‘Hey Ma’am, my phone is not working, can you call and text me on this number’.

If you receive WhatsApp from an unknown number with someone claiming to be a family member, be careful!

This is what to watch out for 👇 pic.twitter.com/Rt1Jfa8SYa

– Which? (@YangUK) January 23, 2022

3. Surveys, packages and lotteries – all bogus

Instead of transferring money, you may also be tricked into giving up your personal information. While it may seem less bothersome than losing money right away, it may actually be a lot worse in the long run.

Some of the official services do offer customer support via WhatsApp. So it may not be strange if you are contacted, for example, by your bank informing you of “fraud affecting customers” and asking for immediate action: fill out a form to prove that your personal details are correct. Oh, and that may include your banking credentials!

Another easy way to steal your information is to send fake DHL or UPS texts asking you to take a survey to confirm your shipping details (and possibly pay some missing fees). Even if you don’t expect something to come, you can do it just in case someone sends you something unexpectedly.

For special events such as Christmas and Black Friday, when companies tend to provide special offers, scammers create fake campaigns that mimic real campaigns. Some attention to detail, such as bad grammar or odd links, is enough to detect the difference. But the desire to win big or land an extraordinary offer can set off red flags.

What’s more, these kinds of scams tend to be quite aggressive. Disguised as publicity, they engage your curiosity. You click and share your personal details and contacts – and then it’s game over. Some of these links might also spread various kinds of malware.

Many of us do not believe that we will be tricked into providing this information via messaging applications. But it happens to thousands of people every year, as scams become more sophisticated and deceptive – even faking empathy by creating a kind of bond between victim and cheater.

Common examples of scams in messaging apps and social media

4. Charity scam – “$10 is enough to help”

Supporting a charity or cause, when we have the means, is a noble thing to do. But in times of crisis, it’s more likely that scammers will take advantage of good intentions. Fraudster have no shame and will use all kinds of imagery and messaging to get you to donate to a “good cause”. These scams often involve fake websites and are spread via WhatsApp and other messaging apps and social media, and may even gain extra momentum when shared by people looking to spread the word and help out.

Fraudsters often use emotional tactics, such as claiming to be helping victims of natural disasters or illness, to trick people into giving away money. In some cases, they may even use the name of a legitimate charity to gain public trust. However, the donation never reached the intended recipient.

To avoid falling for charity scams, it’s important to do thorough research on the organization before making a donation and be careful of unsolicited requests, especially if they come from unknown numbers. It’s always best to contact the charity directly and verify the legitimacy of the request.

4. Catfishing – “I love you!”

You hit it off on a dating app, and after a few messages, you exchanged numbers and brought the conversation to WhatsApp. The days have passed, and you know you won’t see each other soon. You are in a different city, maybe even a different country. Maybe someone else is at work or even serving in the military somewhere far from home. Somehow all the questions and doubts started to dissipate as the conversation became more personal and intimate.

The problem is, the chances are very high that it’s all a romance scam. In scenarios like these, scammers will capitalize on your hopes, leading you to believe them until they ask for help, accompanied by carefully crafted sob stories about them desperately needing money to help their relatives or get out. problem.

Needless to say, you are separated from your bankroll – most likely forever. Even worse, many victims of romance scams are unknowingly recruited to become money mules in order to launder money obtained from illicit activities.

Social media and messaging platforms remain fruitful hunting grounds for dating scams. Of all the types of deception, romance scams can be the most sinister and destructive: they manipulate the victim’s feelings of trust, love, emotional connection, along with a deep desire for a romantic relationship and to help “no matter what.”

A slightly different – ​​but equally suspicious – twist on the typical romance scam

How can we protect ourselves?

There is a golden rule: assume that there is always a chance that a stranger messaging you on WhatsApp is a scammer. If possible, avoid answering strangers who message you out of nowhere.

There are also a few other rules you can remember:

• Set up two-factor authentication (2FA) not only on your WhatsApp account, but all other online accounts where this option is available.
• Avoid sharing your personal information with people you don’t know.
• Do not transfer money without confirming the authenticity of the request. For example, if your child is texting you asking for money, call them to make sure the request is coming from them.
• Never share verification codes with anyone. If someone accidentally sends you their code, they can request a new code themselves.
• Don’t click random links or open random attachments. If it looks like a friend sent you something, ask through another channel if the message was really meant for you. Also be sure to look for grammatical errors or strange links (for example, links pointing to a URL that doesn’t match the company name).
• Banks don’t message you on WhatsApp to ask questions. Never give out your personal information and login credentials via messaging apps. Visit the bank’s official website, ideally by typing the URL address into a web browser.
• Keep your phone’s operating system and apps up to date.
• While doing so, make sure to use the official Google Play Store or Apple’s App Store to update not only WhatsApp but all the apps you use. Don’t be fooled by the random “updates” you may see online that promise colorful themes for WhatsApp.
• Use a leading mobile security solution.