Message from a friend? Check twice – it could be a trap
WOC warn: there is a wave of phishing on WhatsApp. Fake voting requests are used to take over accounts and scam people – do not provide codes!
The Cyberspace Defense Forces reported the growing risk of phishing attacks targeting WhatsApp users. The message published on the X platform indicated that cybercriminals take over instant messenger accounts and then impersonate their owners, sending crafted messages to saved contacts. The goal is to extort login details, gain unauthorized access to the profile, and in the next step, attempt to extort money from the victim’s relatives.
Fraud scheme
The pattern described usually begins with a seemingly innocent request for help. The user receives a message – most often from a friend or relative – asking to “vote in the competition”. The message contains a link to a fake website where the victim is asked to provide their phone number and enter an 8-character verification code “to validate their vote.” After entering the code, the attacker takes control of the WhatsApp account. The compromised profile is then used to further distribute phishing and scams, which fuels the scale of the fraud.
The WOC appeals to be extremely careful with unexpected requests, especially those requiring haste, verification or voting support. The recommendations are clear: do not interact with suspicious messages, do not click on links and do not enter any authorization codes. If you suspect that the message comes from a compromised account, contact the sender through another channel (preferably by phone), inform about the incident and report the matter to the appropriate services or IT security teams.
What to do?
To check if there are no unknown devices connected to your profile, go to WhatsApp settings, select “Connected devices” and make sure that only your devices are listed there. The announcement also emphasized that similar methods are used not only in WhatsApp – phishing threats also apply to other messengers, such as Signal or Messenger.
WOC reiterate their appeal for vigilance and common sense: treat any sudden request for a vote, financial assistance or verification as a potential fraud attempt. Not reacting to suspicious messages and verifying them at the source is the easiest way to protect your account and your friends against hijacking and fraud.
