New WhatsApp Scam Campaign

WhatsAppScam

A new scam is spreading through the popular WhatsApp app and has already cost many people their money. What makes it particularly insidious is that the message appears trustworthy – it comes from someone in your contact list.

Redamp.io | WhatsApp phishing

What Does the Scam Look Like?

  1. You receive a message from a known contact on WhatsApp asking you to vote in a competition. It's not from a stranger or unknown number – it's someone you regularly talk to, such as a friend, coworker, or family member.

    Redamp.io | New WhatsApp Scam Campaign

  2. The message includes a malicious link. When opened, the user is prompted to enter their phone number and a verification code, or to connect a device.

    Redamp.io | New WhatsApp Scam Campaign

  3. If the user follows these steps and clicks the “Connect Device” button, they unknowingly grant the attacker access to their WhatsApp account. The attacker then gains access and starts sending scam messages to the victim’s contacts.

    Redamp.io | New WhatsApp Scam Campaign

  4. The attacker’s message appears urgent – for example, a request to borrow money with a promise to repay quickly. The message includes a bank account number where the money should be sent. The goal is to trick unsuspecting friends or family members of the compromised user into sending money.

    On the following image, you can see an example of a real conversation. The initial message from the scammer is marked in red:

    Redamp.io | New WhatsApp Scam Campaign

    Because the message comes from someone you know – someone saved in your contacts or with whom you've chatted before – you're likely to believe it's genuinely your colleague, friend, boss, or relative. If such a person asks you for urgent financial help, you typically have no reason to doubt it. This new type of WhatsApp scam relies on that trust.

How to Stay Safe?

  1. Users should be extremely cautious, read incoming messages carefully, and under no circumstances should they click on suspicious links.

  2. If you're unsure about the authenticity of a message, it is recommended to verify it directly with the sender, ideally via a phone call. This is especially important if someone close to you is asking for money.

  3. If you have clicked on a malicious link in a message, check your connected devices:

    1. On your mobile device (Android or iPhone), open the WhatsApp app.
    2. Tap the three dots icon (top right on Android) or go to Settings (bottom right on iPhone).
    3. Select Linked Devices.
    4. A list of all devices currently connected to your account via WhatsApp Web or the desktop app will appear.
    5. If you see any unfamiliar devices, tap on them and choose Log Out.

  4. Stay informed! Read our blog  and follow notifications in the app about the latest threats we are monitoring for you.

Source: policie.gov.cz