WhatsApp, one of the most popular messaging apps, has once again become the target for phishing experts.

Scammers, of late, have been taking a keen interest in WhatsApp Web QR code. These threat actors mess with user accounts by forging false WhatsApp Web interfaces. The idea is to gain access to user accounts and carry out different scam activities.


WhatsApp Web Scam Alert!

WhatsApp Web allows its users to access their accounts on up to 4 different devices. It is this feature that the scammers have started to take an interest in. Phishing actors create fake website interfaces that look quite similar to the original WhatsApp Web interface. 

So when a user types “WhatsApp Web” on any search engine, a few links pop up in the search results. If the user clicks on a malicious link created by these fraudsters, they will be redirected to this fake website.

It contains the original QR code of WhatsApp Web. When the naive user unknowingly scans this QR code on the forged website, the phishing actors get access to the former’s WhatsApp account. On the other hand, the user will notice just a harmless freeze or momentary pause, which won’t lead to any suspicion.


Why Do Threat Actors Break Into Your WhatsApp Account?

Identity impersonation has always been a favorite among phishing experts. And this is exactly what is happening with WhatsApp Web.

Threat actors crack into user accounts and impersonate their identities. By pretending to be someone else, these fraudsters try to contact their acquaintances and request financial assistance. They may also request you to share sensitive details such as login credentials, passwords, OTP, and so much more.


WhatsApp tips

WhatsApp tips on how to stay safe

Image sourced from mirror.co.uk


Why is WhatsApp Phishing Scam So Fatal?

WhatsApp phishing scams can be immensely dangerous for naive users. The vulnerability factor is so high because the user can still access their WhatsApp account while scammers are using the same for malicious activities.

The user will take note of it only once the damage has been done. For instance, a user can still use their compromised account to communicate. They will know about their account getting hacked only when some of their contacts inform them about the malicious requests made by the threat actors.


WhatsApp Phishing Scam Breaking Into Your Bank Account!

In Singapore, in the month of November alone, WhatsApp Web scams have resulted in the loss of a whopping $606,000. The threat actors had reached out to around 200+ people by impersonating their contacts and requesting money, stating that they were in a dire financial crisis.

Nottinghamshire police, too, have requested people to be vigilant and aware of WhatsApp Web scams. They have noticed a significant rise in the instances of WhatsApp scams where fraudsters crack into a WhatsApp group using the QR code tactic and then send messages to other group members while requesting money and sensitive information.

These scammers stay a step ahead by keeping their display names and profile pictures updated.



In a similar incident, Mr Louis, a sales specialist by profession, recently lost $3,500 because of a WhatsApp Web scam. He got a request from his close friend- Mr. Amer, asking for a loan of $3,500. Mr. Louis got suspicious only when his friend requested more money, stating that even $3500 was not enough.

The phishing actor who hacked into Mr Amer’s WhatsApp account played it safe by archiving all the conversations. The incident has scarred Mr Amer for life, as he is too afraid to use WhatsApp Web ever again in life!

Actress Aileen Tan was just about to get scammed and lose SGD 1730 similarly. But thanks to her husband Gerald Lee, who warned her about the scam just in time. The threat actors had managed to take control of Gerald’s WhatsApp account, using which they had already conned his sister. 


What To Do In Case Your WhatsApp Account Has Been Compromised?

Delete your WhatsApp account immediately. Restart your phone and then download WhatsApp once again. Use your phone number to log in by using a verification code. This will log out the fraudster, and they won’t be able to access your account again.



2 More WhatsApp Scams Which You Need to Be Aware Of!

Apart from the WhatsApp Web QR code scam, there are multiple other WhatsApp scams that you must be aware of. Have a look!

Gift Card Scams

Fraudsters pose as reputed brands that you frequently shop from. They text you on WhatsApp and share a link while claiming that you are their lucky customer and have bagged a gift card. They can ask you for sensitive details or share a malicious link.


WhatsApp Tech Support Scams

Phishing actors also send WhatsApp texts to users while posing as a WhatsApp customer support executive. They ask you to share your personal information so that they can get your account verified and make it secure.




WhatsApp can rob you of your reputation and hard-earned money if you don’t use this messaging app with caution.

By staying alert, keeping yourself updated about all the latest WhatsApp scams, and investing in phishing awareness training, you can significantly protect your account from getting hacked. Enhancing your knowledge through such training, combined with maintaining phishing protection measures and adhering to cybersecurity best practices, will provide robust security against the majority of scams.