WhatsApp Account Hijacking Scams Advisory

ⓘ This advisory addresses an increase in compromised WhatsApp accounts.

Attention constituent: 

CIRT-BS is advising members of the public to stay alert as a sophisticated scam targeting WhatsApp users is on the rise. Cybercriminals are hacking accounts and deceiving users’ friends and family into sending money by posing as trusted contacts.

WhatsApp Verification

How the Scam Works

  • Scammers make contact, sometimes with a WhatsApp call, and use fake profile pictures and names to build trust.
  • The scammer will claim to send a link for a group video meeting like Zoom, but in reality, they ask for a 6-digit verification code, which gives them control of the victim’s account.
  • Once they take over the account, they send messages to the victim’s contacts, asking for urgent financial help.

Look Out for Signs of Scam

  • Unfamiliar numbers with familiar profile pictures asking you for a verification code.
  • Unexpected messages from friends or family requesting money for emergencies.
  • Unrecognised invitations to virtual meetings or suspicious group chats.
Stay Protected
  1. Never share your WhatsApp verification codes – these are your keys to your account.
  2. Enable two-Step verification. Add an extra layer of protection by going to Settings > Account > Two-step Verification > Enable.
  3. Verify unusual requests. If you get a strange message asking for money or help, always call the sender directly (outside of WhatsApp) to confirm.
  4. Review privacy settings. Go to Settings > Privacy to limit who can see your personal information. Review chat group settings for extra control. (See our Privacy Setting Directory).
  5. Report and block. If you suspect a scam, report the message within WhatsApp and block the sender by pressing and holding the message, then selecting “Report.”
  6. Stay vigilant and protect your account. If it sounds suspicious, always THINK. CALL. VERIFY.

For additional information, please visit:

Best,

Scroll to Top
Skip to content