It’s important to know how to recognise WhatsApp scam tactics so that you understand how to protect yourself from them. Hundreds of thousands of dollars are coaxed out of people every week because they have a big heart, and they don’t understand that hackers will take advantage of that.
Those hackers use WhatsApp, the popular instant messaging service, to farm contacts and scrap personal information. When they have enough information on a target, they launch one of many targeted attacks against them, ranging from phishing to social engineering.
Sure, WhatsApp is encrypted. But that just keeps hackers from spying on your chats. It doesn’t stop them from contacting you. They just need your number. When they message you, they’re going to be armed to the teeth with personal information about you, your friends, and your loved ones. They’re ready to scam… are you ready to resist?
Typical Recent Scams On WhatsApp
What sorts of scams on WhatsApp have been popular recently?
Impersonation is one of the most common themes for WhatsApp scams. One popular hijacking scam abuses notifications for two-factor authentication. Two-factor authentication uses external security codes, sent via text or a safe third-party authentication app. After typing in their password, the user is asked to verify that they are who they say they are by putting in a short code. It stops scammers and hackers from gaining access to accounts using only a password. They would also need access to one of your devices, like a phone.
The hijacking scam tries to abuse this, however. Scammers trick users into sending their security codes back to them. Step one - a user gets a genuine notification from their two-factor authentication for WhatsApp. Step two - a message comes in from one of their friends or relatives. It’s their real number. The scammer will say they got locked out of their account, but put in the target’s phone number out of habit. Step three - the scammer will then ask the user to send the security code back to them. But the code the user got sent was actually for their own WhatsApp account! Sending it back over to the scammer bypasses the two-factor authentication and hijacks the user’s account.
How did the message come from your friend’s real number? They were already hacked. You’re just the next potential victim in a chain of these hacked identities.
Another sort of WhatsApp scam involves scammers instructing users to click shady linksPopular scam sites include ‘Rediroff.ru’ and ‘Rediroff.com’. After clicking the link, the user is asked to fill out info on a webpage. They are offered a prize in exchange for completing this task. Then they get ‘extra’ chances by forwarding the website’s link to a certain number of WhatsApp users. And more if they fill out surveys that ask for sensitive personal information. And they’ll only get a ‘payout’ if they share bank details. In reality, the page just harvests the user’s details - name, address, bank info, etc. The scammers then use that information to rob, blackmail, or impersonate the user.
One final common scam is the ‘Hi Mom’ scam. This involves the scammer messaging the user with a greeting, saying that they’re a relative who has broken their phone. Then they beg for sums up to $1,000, sometimes more if they’re feeling brave. Often in cash and delivered in some impersonal way, with additional excuses involved.
The key here is believability. The scammer will send the same scam to hundreds of people. While it won’t be believable to most, one person will have a family member with circumstances that match up perfectly. They’re then in danger of being defrauded.
Protecting Yourself From Scams On WhatsApp
It might seem hard to protect yourself from WhatsApp scams. But it’s worth making the effort.
There are lots of easy ways to stay safe. For example: If someone messages you on WhatsApp and you don’t recognise their number, make them call you or leave a voice note!
This method is endorsed by Kathryn Harnett, WhatsApp's global policy manager. Scammers will refuse to do this, usually. It will quickly reveal that they are faking their identity. If they make a ton of excuses, you know they are not who they say they are.
This even works if you do recognise their number… remember the two-factor hijacking scam? If they won’t call you, block the user and delete the chat. Alternatively, you can contact the friend or relative on a different messaging network like Facebook or texting. Ask them to confirm whether the person messaging you on WhatsApp is really them. If they say it isn’t, then you’re being scammed.
Don’t give out sensitive information such as your name, address, bank details, password details, family secrets, or anything else to people you don’t recognise. And even if you do think you know them- make sure to check their identity with a simple call.
Be careful about giving out information about your life. The more information scammers get, the more convincingly they can impersonate you or someone you love. The best thing to do if you suspect someone of scamming is to not respond at all. Contact your friend or loved one through alternate means and let them know what’s up. Turn on two factor authentication for your account, and have them do the same!
Your Privacy Matters
Maintaining your privacy online is critical. Scammers get less personal information when you use apps like Hoody to shield yourself. That’s because they will be able to get less of a link between your social media and your E-Mail address. Hoody will also block vital information from shady advertisers who are using browser fingerprinting to track you.
Hoody can also get around things like regional censorship, or government logging of IP addresses that visit certain types of websites. By using Hoody’s private node network, normal IP addressing schemes are bypassed.
We hope that you learned a couple things about the WhatsApp scams that are out there. Protect yourself, and stay safe!
No comments yet