WhatsApp, along with TikTok, is one of the planet’s most popular apps. Hardly any other app is more widely used, with billions of smartphone users messaging each other every day using WhatsApp. The messaging app is even being installed more and more frequently on computers. Due to its widespread use, the app is a popular target for cybercriminals. Read on to find out the extent of WhatsApp fraud and what you should watch out for. Also discover how Avira Free Security improves your protection from potential cyberthreats.
What is WhatsApp fraud?
WhatsApp fraud is a targeted scam carried out by third parties via the WhatsApp messaging platform. Many users have great confidence in the app, making them ripe for phishing attacks. With over two billion active users a month, cybercriminals can reach an immense number of people with little effort. After all, WhatsApp is the go-to communication channel for many of us.
What’s really exciting for the fraudsters is the fact that it’s easy to make contact as all you need is a cellphone number. Scammers can obtain these numbers in various ways — such as by buying leaked data packages on the black market, by randomly generating telephone numbers, or by third parties collecting and passing on contact details. WhatsApp messages are delivered straight to the recipient, but they’re informed that the message is from an unrecognized number. Although most WhatsApp users can often spot suspicious messages, many still fall for them.
Cybercriminals use WhatsApp scams with the intention of obtaining sensitive and personal information. Some of the possible consequences include identity theft or gaining unauthorized access to log in to your user accounts, such as to transfer money out of your bank account or make fraudulent claims on your insurance policy. Another goal is to install malware. This is malicious software that installs itself on the victim’s computer or smartphone to obtain information or manipulate the system.
What are common WhatsApp scams?
Cybercriminals use various methods to deceive and harm their potential victims. Below are some of the most common scams that perpetrators use to carry out WhatsApp fraud.
Phishing
Phishing is one of the most common scams of our time. While traditionally a large number of malicious messages are sent by text and especially email, WhatsApp has established itself as a new, attractive communication channel. Cybercriminals pretend to be actual people or companies and send spoof messages.
These messages almost always contain an urgent call to act quickly. The aim is for the recipient to click a link to a malicious website out of panic that something bad is going to happen. Alternatively, a file attachment can cause malware to be installed on the victim’s smartphone or PC.
Identity theft
Fraudsters often assume a fake identity on WhatsApp. Using social engineering techniques and catfishing, cybercriminals pretend to be someone the victim trusts. Most of the time this is the victim’s child, (grand)parent, or best friend. They normally say that you can now reach them on a new number. By getting a reply, the perpetrators receive valuable confirmation that the victim’s number is genuine.
This allows the perpetrators to realize that the victim is likely to be easy to scam. It’s not uncommon for scammers to use personal information and photos from social media in this form of WhatsApp fraud. The aim is to get real phone numbers, to extort money (“Mom, I need money now”), and to obtain sensitive data.
Fake competitions
Fake competitions are a comparatively simple form of WhatsApp scam. Scammers send out a huge number of generic messages without any specific details about the recipient, claiming that people — in other words the potential victims — have won a prize. In doing so, the cybercriminals reach loads of people with very little effort. The incentive of receiving money or actual prizes often entices people to share personal information. This includes their name, address, and account details.
Scammers often create fake websites that look like real ones. They then send links to these fake sites to their victims. If the victim clicks the link and enters their personal information, like their bank details, the scammer can steal it. Sometimes, instead of a fake website, the scammer might trick the victim into downloading malware.
Fake job offers
In addition to fake competitions, there are also fake job offers. The unsuspecting victims are motivated to respond to the offer of high salaries, flexible working arrangements, and the option to work remotely. This WhatsApp scam also aims to reveal personal information: From bank details for financial fraud to personal data for identity theft. It’s not uncommon for the scammers to even ask for your social security number or a copy of your ID card.
Fake tech support
Another popular scam is fake technical support. Criminals pose as employees of companies such as Microsoft or similar. The messages are based on alleged problems with the victims’ devices. The supposed support person urges the victim to act quickly to avert the apparent threat. In doing so, they gain either direct access to the victim’s device or login details to their user accounts.
Call-forwarding scam
With the call-forwarding scam, cybercriminals again pose as a family member, friend, bank, or any other entity that the victim would trust. Based on this sense of urgency, the scammer tries to convince the victim to change their call-forwarding settings. Here’s an example: “We have detected a problem with your WhatsApp account. Please enter the following code so we can help you.” The code in question then consists of the key combination for call forwarding and the scammers’ phone number.
The goal is to redirect calls and codes intended for the victim directly to the scammers. As a result of this, the scammers can intercept authentication codes sent by text message, among many other things.
WhatsApp Gold scam
This is a scam message offering a special version of WhatsApp: WhatsApp Gold or WhatsApp Elegant Gold. This version promises exclusive features such as new emojis, increased security, and improved video-call quality.
The message gives the impression that this is a very exclusive and unique offer. In fact, there is no such version of WhatsApp, and downloading it installs malicious malware onto the victims’ devices.
Tips to protect yourself from WhatsApp fraud
The same rules apply as for all other scams to protect yourself from WhatsApp fraud. These include:
- Healthy skepticism: New, unexpected chat conversations are always a warning sign.
- Block numbers: Someone trying to contact you on WhatsApp and you feel it could be a scam? Never interact with the person under any circumstances and block the number immediately.
- Handle data carefully: Never send sensitive data such as banking details, passwords, ID copies, or personal documents to strangers or new numbers via WhatsApp — even if they claim to be people you trust.
- Ignore links: Never click links that you do not expect or that look suspicious.
- Get in touch yourself: If a person or company you know contacts you, you should contact them directly and verify whether the message is legitimate.
What are the signs of WhatsApp fraud?
Scams are a very widespread international problem. If you know the key tell-tale signs, you’re in a good position to protect yourself. Typical signs include:
- Unknown number: You are contacted by a number that isn’t saved and you don’t recognize.
- Urgency: The message from the unknown number tries to pressure you to act quickly.
- Spelling: Messages with numerous spelling and grammatical errors may indicate fraud.
- Too good to be true: If you’re offered big winnings and impressive positions, you should be skeptical — especially if you haven’t taken part in any competition or applied for a job.
- Personal Information: The unknown number wastes no time asking for your personal information.
- Links: Alarm bells should be ringing loud if initial messages from unknown numbers contain a direct link to a website.
Also, don’t be fooled by the names and logos of well-known companies. With WhatsApp, cybercriminals can disguise themselves as reputable sources relatively easily.
What can you do if you’ve been scammed on WhatsApp?
Have you ever fallen victim to a WhatsApp scam? Then take the following steps immediately:
- Block scammers: Stop further contact and further damage to your device or yourself.
- Strengthen your security: Change all your passwords and, if you haven’t done so already, set up two-factor authentication (2FA).
- Contact the police: Report the incident immediately and provide as much detail as possible. This includes every chat conversation, screenshots, and, if applicable, call data.
- Inform WhatsApp Support: Use the Report Contact feature to inform WhatsApp immediately of any fraudulent activity so that appropriate action can be taken.
- Check all your accounts: Check whether money has been stolen and inform all affected banks accordingly.
- Tell family and friends: Share your experience with family and friends. This can help prevent them falling victim to the same or similar scams.
- Learn from this: Reflect on what’s happened and be more careful in the future if unknown WhatsApp contacts send you strange messages.
Detect potential threats in real time with Avira Free Security
Our all-in-one solution Avira Free Security helps you to be even safer on the internet. Protect your computer and smartphone with our comprehensive app to detect potential threats before they can cause damage. With regular scans, you can also check your system for threats and eliminate them immediately.
Additionally, the tool helps you clean your computer. By uninstalling old and unnecessary programs, your PC will run faster and more reliably. The integrated VPN also helps you shield your identity on public and unsecured networks, making it tougher for cybercriminals to steal your personal information.