15 WhatsApp Scams and How to Avoid Them

While WhatsApp is generally safe, there are scams you should be aware of, like phishing scams, impersonation scams, fake offers, prizes scams, and more. Sometimes, scammers don’t just want to trick you into giving them money. Some WhatsApp scams even distribute malware and computer viruses.

The rising popularity of messaging apps like WhatsApp has caught the attention of cybercriminals. In 2022, the Federal Trade Commission reported that Americans lost $330 million dollars to text message scams, so it's important to know how to keep yourself safe [1]. In this article, we outline some popular WhatsApp scams, including how to spot them and how to avoid falling victim to identity theft. 

What are WhatsApp scams?

While it can be hard to keep up with current scams, knowing the red flags is the first tool in your basic cybersecurity arsenal. A scammer's end goal is threefold: steal money or cryptocurrency, obtain your personal information to commit identity theft, and/or distribute malware.

In most scams, criminals try to convince you to send funds quickly, emphasizing a sense of urgency and a dire need to act quickly. Similarly, they may exploit sympathy and try to guilt or coerce you into sending money or information. Additionally, scammers want you to unknowingly download malware onto your device, which can compromise security, steal data, or render your device inoperable.

Phishing scams

Phishing is a type of online scam in which a person is sent a fake email or text message from a source that looks reliable, like a bank or a utility company. The message requests personal information, like your Social Security number, then uses that information to open new accounts. Scammers go to extreme lengths to ensure the websites or messages look legitimate, often using fake websites, login pages, and logos. Phishing scams include QR code scams, wrong number scams, or even tech support scams.

Impersonation scams

In this scam, the fraudster impersonates a loved one or claims to be someone they’re not. They could pretend to be a romantic partner or child in desperate need of funds, like in a family impersonation scam. In these scams, the objective is to get quick access to your money and disappear.

Fake offers and prize scams

Scammers will often use fake offers and fraudulent prize claims to lure users into handing over personally identifiable information. In this scam, you may receive a message from a seemingly legitimate company with a link to claim a supposed free gift card or prize. In reality, clicking the link can install harmful malware on your device. Alternatively, you may be asked to provide personal information to claim your prize. Instead of obtaining your prize in these giveaway scams, you handed over sensitive identifying information to a cybercriminal.

Malware and virus distribution

While any of the above-mentioned scams can result in malware, hackers can also seek to disseminate malware without elaborate schemes. Scammers can simply send malicious links that they claim are software updates or send random malicious attachments to users. When you click on the link, malware or a virus is installed. Once malware is installed, cybercriminals can steal your personal information or flood your device with more malware.

How to avoid the 15 most common WhatsApp scams

The world of instant messaging services, including WhatsApp, is ever-evolving, and so are cybercriminals. Scammers use various methods of social engineering, like smishing, to deceive or manipulate you into handing over valuable information, money, or cryptocurrency. From impersonation schemes to fraudulent prizes, here are 15 common WhatsApp scams to look out for:

1. WhatsApp Gold scams

In this scam, you receive a message with an invitation to join WhatsApp Gold, an exclusive version of the app with new updates and features. The caveat is that WhatsApp Gold isn’t a real thing; it’s a hoax. Clicking on the link takes you to a fake website or installs malware on your device.

2. WhatsApp tech support scams

In this impersonation scam, cybercriminals act as WhatsApp tech support to con unsuspecting users into giving out identifying information to “verify” your account. They may also ask for credit card numbers, verification codes, or other sensitive information.

3. Bogus gift cards and survey scams

Imagine you receive a message saying you won a free gift card or that if you fill out a quick survey, you are entitled to receive a gift card. Pretty cool, right? Wrong. In this scam, users are sent invalid links to claim their gift cards. When you click the link, malware is installed, or you are prompted to enter personally identifiable information in exchange for your gift card. 

4. Lottery and giveaway scams

This type of popular social media scam includes scammers messaging you to tell you you’re the lucky winner of a lottery jackpot. To claim your “prize,” you click on a malicious link or input personal information, putting yourself at risk of cybercrime. It pays to be wary of giveaway scams and “too-good-to-be-true” offers.

5. Romance scams

This catfishing scam preys on vulnerable victims looking for connections and romance online. After establishing a relationship, scammers will set up an opportunity to meet in person. Then, they will create a false narrative about an emergency for a friend or family member they need to help financially. They will then ask you to cover the expense or contribute.

6. Crypto romance scams

This WhatsApp scam is a slight twist on the classic catfishing romance scam and crypto scams. Instead, scammers utilize dating apps to find their victims and eventually move the conversation to a messaging app. They display a fake lifestyle of wealth and opulence and credit their financial success to cryptocurrency. They promise you can find the same success and offer to help with investments. The catch? The investments actually go into their wallet.

7. Wrong number scams

A wrong number scam typically starts with a message from an unknown number. The sender often includes a random name in the message and may claim to have met you somewhere. When you respond that they have the wrong number, they continue to respond, trying to engage in conversation. Their end goal, as with all phishing messages, is to steal your information.

8. Verification code scams

This WhatsApp verification code scam involves someone claiming they entered your phone number by mistake, and then they request the verification code sent to you. Here’s how it might look: You may receive an unexpected message with a verification code or a request to input your phone number for confirmation. They may say they’re looking for a verification code, but they’re looking to take over your account.

9. Call forwarding scams

Clever forwarding scams begin with an unsolicited phone call. The scammer convinces you to call an unknown number that, unbeknownst to you, enables call forwarding from your phone to a new number that the scammer controls. During the phone call, the scammer tries to hack into your WhatsApp account, selecting the option of verification through a one-time password via phone call.

10. Family impersonation scams

This scam is increasingly popular and is relatively easy to pull off. Essentially, users receive a message from an unknown number claiming to be their child. They claim their phone may be broken or not working, hence the unfamiliar number. They request that you send funds to an account to repair or replace their phone. Unsuspecting parents then transfer money right into a scammer’s account. Alternatively, scammers may pose as the recipient’s mom or dad.

11. Loved one in need scams

In this type of scam, criminals prey on our natural inclination to help close friends or family members. From an unknown number, the scammer pretends to be a close friend with a new number. They explain elaborate details of their dire situation and request you send them money to help. But instead of helping a friend, you’ve sent money straight to a scammer.

12. Charity scams

Charity scams are when a scammer pretends to be from a reputable charity seeking donations. Scammers will go to great lengths to create a secure-looking website, but instead of donating to a charity, you’re donating directly to their bank account.

13. Job offer scams

Job offer scams are a common way to lure victims with promises of high salaries. The scammer lures you into thinking the job opportunity can’t be missed, perhaps with a high salary or payout, flexible work hours, remote work location, or more. The scammer may ask you to pay a fee to apply, or they may send a link to apply. When you click the link, you’re taken to a third-party site to enter valuable identity information similar to a job application: Social Security number, date of birth, name, address, and more.

14. Fake security alert scams

This scam mimics the security alerts that banks send to customers. You may receive a message saying there has been fraudulent activity on your account. The message asks you to input your bank account details through a link they send, but the link is a fake website where you just put in your sensitive account information.

15. QR code scams

QR codes are everywhere, and scammers are using them to their advantage. In a QR code scam, a scammer will send you a picture of a QR code with instructions to scan it. They may offer a prize or send a message saying there is an issue with your account that needs to be resolved. Some scammers even claim to be delivery companies that are unable to deliver a package. By following the instructions, you inadvertently hand out personally identifiable information.

15 tips to keep you safe from WhatsApp scams

While scammers are getting increasingly clever in their tactics to scheme, there are ways to protect yourself. Many scams share common characteristics, such as unsolicited messages from unknown numbers, messages urging immediate action, or messages with spelling or grammatical errors. When it comes to WhatsApp scams, if it sounds too good to be true, it is! Use discretion when you receive messages claiming you’re the random winner of something you didn’t enter.

Here are simple ways to protect yourself from WhatsApp scams:

1. Stay informed about the latest WhatsApp scams and techniques.
2. Enable two-step verification (2FA), and don’t share your verification code with anyone else.
3. Adjust your privacy settings to control who can contact you and limit the visibility of your personal information.
4. Report any suspicious messages or activity.
5. Periodically change your WhatsApp PIN.
6. Keep WhatsApp software updated.
7. Always verify the identity of the person or organization. If something looks suspicious, verify it against another website. Double-check to make sure phone numbers and websites match.
8. Try to verify unknown numbers sending unsolicited messages.
9. Don’t click on suspicious links.
10. Look for spelling or grammar errors.
11. Be cautious of urgent messaging and other high-pressure tactics.
12. Be skeptical about offers that seem too good to be true.
13. Always question the legitimacy of unsolicited communications, including messages, links, or offers.
14. Don’t disclose personal information.
15. Invest in antivirus software and/or identity theft protection services.

3 best identity theft protection services

How to protect yourself from WhatsApp scammers

In addition to proactively using identity theft protection, there are ways within WhatsApp to protect yourself from these scams. To start, enable two-step verification, and reset your WhatsApp PIN. Then, adjust your WhatsApp privacy settings to a level of security you’re comfortable with. Next, keep WhatsApp software up to date by regularly installing updates. Lastly, report any suspicious activity on WhatsApp to a customer support representative.

How to enable two-step verification (2FA) on WhatsApp

• Open Settings in WhatsApp.
• Tap Account > Two-step verification > Enable.
• Enter a 6-digit PIN of your choice and confirm.
• Provide an email address you can access or tap Skip. (We recommend adding an email address that allows you to reset two-step verification to help safeguard your account.)
• Tap Next.
• Confirm the email address and tap Save.

How to change your WhatsApp default PIN

You can change your default PIN with or without an email address. If you provided an email address when you set up your account, you can change your PIN immediately by following these instructions:

• Open WhatsApp > Tap Forgot pin? > Send email.

• Once you receive the email, click the reset link and confirm.

• Open WhatsApp> Tap Forgot pin? > Reset.

If you didn’t provide an email address or forgot the email address to reset, or if someone else set up the verification PIN before you started using the phone number, it will take 7 days to reset your PIN.

• Open WhatsApp > Forgot pin? > Reset.

How to adjust your WhatsApp privacy settings

By default, WhatsApp sets your privacy settings to allow any user to see your profile, read receipts, and see if you’re online. Your contacts can see your status updates and when you were last seen. 

To change your privacy settings: Tap Settings > Privacy.

There, you can determine who can see what information about you.

How to execute WhatsApp software updates

If your device doesn’t automatically install the latest updates, execute WhatsApp software updates. Find WhatsApp in your app store (Google Play Store or Apple’s App Store) and tap Update.

How to report suspicious activity on WhatsApp

To report a contact in WhatsApp:

• Open the chat with the contact you want to report.
• Tap More Options > More > Report.
• Tap Report.

WhatsApp will receive the last five messages sent to you by the reported user and information about the message, such as when it was sent and the message type (image, video, text, etc.).

To report a photo or video:

• Open the photo or video.
• Tap More options > Report contact.

What to do if you suspect a WhatsApp scammer

If you suspect a WhatsApp scammer, or if you’re worried you’re a victim of a scam, there are steps you can take to remedy the situation as soon as possible.

1. First, contact your bank or financial institution immediately if you've already shared financial information.
2. Secondly, document all you can. Take screenshots of all communication with the scammer, then stop all communications and block the suspicious number. Report the suspicious activity to WhatsApp.
3. Third, update your WhatsApp PIN and password and enable two-factor authentication on your account.
4. Lastly, file any reports necessary: a police report or a report with the FTC if identity theft has occurred. Review your financial accounts for fraudulent charges or activity, and dispute or report as necessary with your bank or credit card company.

FAQs

Bottom line

From CashApp scams to TikTok scams, free platforms like WhatsApp make it extremely easy for scammers to communicate with you and try and obtain your personal information.

Fortunately, there are ways to stay safe online. Being aware of popular WhatsApp scams and knowing what to look for are important ways to keep yourself safe online. We encourage proactively using an identity theft protection plan for additional security.