Online scams are on the rise and are increasingly infesting instant messaging services. This is particularly the case for the multi-platform mobile application WhatsApp. With more than 2 billion users worldwide, it has enough to whet the appetites of fraudsters of all kinds, who compete in ingenuity to defraud as many victims as possible. So how do you recognise and prevent fraud attempts on WhatsApp?
Let's start by listing the main types of fraud committed using WhatsApp.
The first scam involves cybercriminals posing as a friend or family member and asking you for emergency financial support. Even if, in most cases, the phone number used is unknown to you, you may think that it is indeed a relative because the profile picture is familiar to you or because the person you are talking to is referring to a recent conversation you had (like “I should have asked you for help yesterday when we were in that bar”). But nothing is easier for a fraudster than copying a photo or getting information from other platforms like Facebook or Instagram.
A more elaborate scam is to use the fake friend or fake contact technique to hack your WhatsApp account. It’s a relatively simple process consisting of several steps. The fraudster manages to get your phone number. He reinstalls WhatsApp on his device, enters your phone number, and requests the registration code. The verification code is sent to you. Immediately afterwards, the fraudster - masquerading as one of your contacts - sends you a message telling you that he has accidentally dialled your phone number instead of his and asks you to send the verification code over to him. If you agree to his request, you can say goodbye to your account. The scammer logs into your account on his own device. He can then repeat the operation with your contacts or ask them for money, and do so with much greater chances of success since he is pretending to be you with your own account!
Other hackers have found another even more elaborate method: pretending to be WhatsApp and asking you for your personal details and verification codes for security reasons.
Another very popular scam is to send you fake promotional ads that appear to come from various recognised organisations and brands. The purpose of this technique, known as phishing, is to obtain your sensitive data such as login or bank details in order to steal your identity. The messages usually contain a tempting offer: "Click and win flight tickets", "Take advantage of big sales on your favourite brands", etc. Sometimes you are asked to provide your credit card details or, better yet, to send the message you have just received to your contacts in exchange for a promised gift. This method makes phishing even more effective, because the message you send will be more favourably received by your contacts who know you.
Scammers also use WhatsApp to establish contact with their potential victims, especially those who carry out transactions online very often. If you are selling second-hand items on the internet, play it safe. You may one day be approached on WhatsApp by a cybercriminal posing as an interested buyer. Before transferring the purchase amount to your account, he will ask first you to deposit a small amount into his account by way of a check and send you a WhatsApp message with a link. By clicking on this link, you will be redirected to a fake site where you will be asked to enter your bank details.
Another example is the parcel delivery scam. Fake employees from online delivery companies notify you via WhatsApp that a package needs to be delivered to your home and ask you to click on the link provided with the message to make a small payment and thus ensure the product is delivered safely to your home. Of course, the site is completely bogus and has only one purpose: to extort money from you!
To avoid the scams described above, be vigilant. If your "friend" is in a rush when he asks you for money and doesn't want you to talk to him on the phone, this is probably a scam attempt. Never share your verification code with anyone and keep your eyes open if you receive a verification code without asking for it. Secure your account as much as possible by enabling two-step authentication. Never respond to payment requests from strangers, even for small amounts. As for promotional ads from famous brands, check if they are real by going to the official website of the brand in question.
Also use your common sense. WhatsApp will never ask for your personal data or verification codes. Likewise, online delivery platforms will never ask you to make an additional payment for safe delivery.
If you think you have been the victim of an online scam, contact your bank immediately.
Here are some simple rules to stop you from heading down the wrong track on social networks.
Finding a password which is easy to remember and effective against hacking is not always easy. So here are a few tips for creating a password which is easy to remember and very secure.
We have explained to you what phishing is – now we need to help you make sure you never fall into the trap!