Skip to Content
© Tashatuvango |
Security & privacy

Two clever new scams hackers are using to steal social media logins

There’s no question about it: Phishing scams are on the rise. Whether it’s due to COVID-19, social unrest, or the nation’s economic downturn, there’s no shortage of ways to get yourself conned out of your logins and personal data.

For the most part, hackers are taking advantage of the public’s desire for financial stability and COVID-19-related answers. Unfortunately, millions of dollars have already been lost to many of these schemes. Tap or click here to see how it’s happening.

But now, a new kind of attack is infiltrating WhatsApp users with brutal efficiency. It preys on people’s empathy, and like any good social engineering campaign, it can be hard to see through the lies. Here’s what you need to watch out for.

‘What’s up, WhatsApp?’

According to reports, a number of WhatsApp users are falling victim to a fiendish social engineering scam that takes advantage of people’s relationships and trust in developers.

It starts with a simple message that allegedly comes from a friend you know. The friend will claim they’re unable to log in and need to use your phone number to send a text message verification. Seems harmless, right?

Once you provide the verification, your account will be captured, and other contacts on your own list will be harassed with the same scam message. Like a virus, this scam jumps from account to account leaving destruction in its wake.

And now, fraudsters are even sending fake messages claiming to be from WhatsApp itself. At this point, the only way to stay safe is to be especially watchful of who sends you messages. You never know if it could be friend or foe.

How can I protect myself from getting scammed?

As we’ve said a few times over the past year, the greatest strength of phishing scams is also their greatest weakness: You have to fall for the scam in the first place in order for it to hurt you.

That said, messages coming from friends will throw a wrench into this theorem. Instead of taking what your contacts message you at face value, you’ll have to be 100% certain that someone asking for personal information is authentic. You can do this by simply calling your friend and confirming that they, in fact, sent the message.

In addition, note that WhatsApp (and its parent company Facebook), will never ask for personally identifying login information under any circumstance. Facebook is too busy using your data in other ways. Tap or click here to see what the company continues to do with your information.

As time marches on, frauds and scams will only become more common. It’s up to us to rise above these attempts. As far as we can tell, we can’t rely on the platforms to protect us anymore. Tap or click here to see how Google continues to miss malware in its own app store.

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days