Current Cyber Threats

Sharing is scaring: The WhatsApp screen-sharing scam you didn't see coming

Summary:
Fraudsters are actively exploiting WhatsApp’s screen-sharing feature to trick users into giving them real-time access to sensitive information. The scam typically begins with a video call from an unknown number. According to ESET, which uncovered details of the scheme, the actors masquerade as a bank or service representative, a WhatsApp or Meta support agent, or even a friend or relative of the victim in distress.

“Next comes a sense of urgency. The caller will claim that there’s an unauthorized charge on your credit card, an open session on another device that needs to be closed, a pending prize that needs your verification, or a risk that your account may be suspended. The goal, of course, is to create a sense of panic and get you to act without thinking twice,” noted ESET in its blog post.

From here, the scammer will ask the victim to share their screen or install remote-access apps like AnyDesk or TeamViewer so that they can resolve the alleged issue. With access to the victim’s screen, the actor can see all incoming text messages and WhatsApp verification codes, passwords, and banking information, enabling them to hijack accounts or make unauthorized transfers. The fraudsters may also trick victims into opening apps, sharing OTPs, or even installing malware such as keyloggers.

Security Officer Comments:
The latest scheme has targeted users across the globe, including the United Kingdom, India, and Hong Kong, with one victim claiming to have lost 700,000 USD. According to ESET, the actors use spoofed numbers to call victims, creating a sense of legitimacy. The video feed on the actor’s end is also typically disabled or blurred to conceal their identity.

Users who fall victim don’t just risk having their data and finances compromised. Once an actor has taken over a WhatsApp account, that access can be used to target the victim’s relatives or friends, creating a never-ending cycle of fraudulent activity.

Suggested Corrections:
  • Never share your screen with someone you don’t personally know, doubly so during an unsolicited call. If you receive a call from an unknown number where the caller claims to represent a bank, online service provider or any other trusted entity, hang up and contact the institution directly through a verified channel.
  • Never share your passwords, verification codes or any personal or financial data over the phone. Online services, banks or any other legitimate companies will never ask for your passwords, PINs, or card details through unsolicited calls or messages.
  • Avoid installing remote-access apps at the behest of strangers, as remote-access tools like AnyDesk or TeamViewer can grant them full control of your device.
  • Verify alarming information independently. Be aware that scammers will try to rush you into action, typically by making you panic. Resist the urge to oblige; instead, take a deep breath and think.
  • If someone claims that there’s a problem with your bank account or your friend or relative is in trouble, contact your bank or your relative directly and through another channel before taking any action.
  • Enable 2FA in WhatsApp (called two-step verification in the app) by navigating to Settings > Account > Two-step verification > Turn on or Set up PIN. That way, even if cybercriminals get hold of your login credentials, they will need this second factor to access your account.
Link(s):
https://www.welivesecurity.com/en/scams/sharing-is-scaring-whatsapp-screen-sharing-scam/