Last Updated on March 22, 2021 by Calvin C.
Cybercriminals burn midnight oil finding ways to gain access to your personal privacy and amongst these attackers are WhatsApp fraudsters. In this article, we look at 5 WhatsApp scams to watch out for in 2021.
Background of WhatApp
This is the most popular chat platform in the world with over 2 billion users and this number is increasing as more people use the internet.
WhatsApp works on all major platforms, that is Android, iOS, MacOS and Windows.
You can chat, send videos, documents, location, attachments, easily and at a low cost.
Unfortunately, the high user base and the fact that it uses the internet attracts cybercriminals.
By understanding the modus operandi of these criminals, you are less likely to fall victim to their traps.
As an advocate for cybersecurity, I also strongly encourage you to use a VPN service when you are working with sensitive information online.
Without guidance, choosing the right VPN is not any easy task.
However, you need to realize that there are only a few top VPNs that I recommend over any other VPN services.
- Our overall best VPN is NordVPN
Dangerous WhatsApp scams
1. Fake vouchers
One way to expose your number to scammers is to join public WhatsApp groups randomly.
They easily harvest WhatsApp numbers from potential victims and send fake messages to make you think you have won or you need to take action urgently.
The fake message contains a link that looks innocent e.g. link to a familiar online store.
If you click the link and visit the site, you are tricked into submitting your personal information.
This leads to identity theft and your personal credentials are used to commit crimes online.
In some cases, clicking the link leads to installation of malware on your device.
Malware is discussed in detail in another article and it leads to further compromise of your security or privacy.
Cookies can be added to your device without your knowledge and you start seeing Ads or your browsing patterns are tracked.
2. Email attack
The attacker sends an email that appears like it is coming from WhatsApp.
In the email, there is an alert for missed voice messages and you are given an option to replay them.
However, clicking the ‘Play’ button leads to installation of malware on your device and these attackers steal your information or even ask for a ransom.
3. WhatsApp hijacking
This tactic is similar to sim card hijacking and is effective if the victim uses a weak PIN code.
Usually, it takes place when the victim is asleep and the phone is connected to the internet.
First step is for the attacker to install WhatsApp on his or her phone and try to register the victim’s number.
Social media groups, online profiles etc are some of the rich sources for harvesting personal details of potential victims.
In order to register a new number, WhatsApp sends a one-time verification via SMS.
Since the SMS is received by the victim’s phone, there is no way the attacker can authenticate the registration so WhatsApp tries to use voice authentication.
This leaves a record of the automated voice message on the victim’s phone, with the verification number.
If your mobile service provider allows remote access of voicemail messages, this gives the attacker a chance to use the next step.
Provided you use an easy PIN code, like 1234, 1111 or 0000, the attacker accesses your voicemail remotely and gets the authentication code.
This means he or she is able to go ahead and create a WhatsApp account using your number.
4. Fake versions
There are many fake WhatsApp versions out there, that promise additional features.
However, WhatsApp distanced itself from these versions and issued a warning because there is no guaranteed security or privacy with these versions.
- Examples of these versions are:
- WhatsApp Gold
- WhatsApp GB
- WhatsApp Plus
- WhatsApp Indigo
These WhatsApp versions use the same source code as the original WhatsApp, but add plenty of extra features.
The most popular version is GB WhatsApp and it was removed from Play Store because it violated terms of service.
You also risk getting a ban from WhatsApp if you use these unofficial apps.
Since it’s not official, malware can be injected in the code and breach your privacy without any detection.
Despite the temptation to do so, don’t use unofficial WhatsApp if you value your privacy and security.
5. Spy Apps
One of the ways you can lose money or install malware is to use one of those WhatsApp spy apps.
It is impossible to spy on someone’s WhatsApp conversations unless you get some form of physical access to the device.
Scammers trick you into getting one of those apps and you can even pay to remove Ads but it’s a waste of time and money.
Remember, your personal data is very valuable and can be sold online.
The above is only a tip of the iceberg as there is more that cybercriminals come up with to attack you using WhatsApp or related apps.
One of the best ways to follow best practices to secure your email and to hide your identity online.
A VPN masks your IP address and encrypts all your traffic.
These are the top VPN services you should check out:
What do you think about WhatsApp scams? Leave comments below and support us by sharing the post with your audience.