The latest variants of scams that harass WhatsApp users and how to avoid them

In recent years WhatsApp (WPP) was located as the social red preferred by Argentines, with about 95% of all internet users interacting on this messaging platform, according to data from the consulting firm Statista. If we add to this that Argentina has 39 million users of the network of networks and that 78% have a smartphoneit begins to be evident why the WPP has become, in recent times, a “the” tool chosen to concretize digital deceptions.

“In the last quarter, the scam that we registered the most are the variations of messages that arrive through WPP saying something like “Whoa! I was wrong! I transferred money to you with an extra zero. Can you give it back to me?”, he told PROFILE Gabriel Zurdo, CEO of the firm BTR Consulting, specialized in cybersecurity. And she explained: “It usually targets people who put objects up for sale in an online marketplace. A typical target is someone who is selling a used bike for $5K and receives a $50K transfer slip from WPP. And, almost immediately, another message requesting the return of $45,000, explaining that it was a typing “error”. Lots of people are considerate and do it, without realizing that the receipt received by WPP is false”.

For other security experts, this scam format grows and becomes more sophisticated by combining two elements: “the use of social engineering techniques and the use of personal information available in clandestine forums, or – even – published by us on social networks ”, he explained to PROFILE Marcela Pallero, postgraduate teacher in this subject. According to her too Director of Security of the Sadosky Foundation “Using public data, scammers can set up a hoax with some certainty, using excuses such as a vaccination shift or a prize. And so obtain the codes to impersonate the unwary, install a copy of your WPP on another device and proceed to ask your contacts for money.


Although many times it is said “they hacked our cell phone”, this is not usually what happens. “Since the pandemic, the number of people using messaging has increased exponentially. And also the use of these tools to deceive” he got to PROFILE pigeon szermann, public policy manager for WhatsApp in Latin America. “But,” she added, “most of the time it has to do with lose access and control of the application more than with a technical hack.” The difference is not minor, because the first one can be prevent –in part– by changing some security settings on the device and in the app” (see Box).

Another way to prevent is to avoid hasty decisions. Zurdo recorded the popular saying: “If an offer in a marketplace or in the Instagram feed is too good, you have to distrust. And if someone urgently asks us for money, why not try a call or video call first to see the face of the friend or relative in trouble? Even through the same messaging you can ask a simple “verification” question such as asking them to tell us an anecdote or personal information that is not on the networks.

Zurdo highlights another piece of information: “Deceptions using links with malicious programs that are carried out via cell phones are also growing: in 65% of cases the malware that facilitates the scam “penetrates” our systems through the smart phones”.

It is possible to improve the general security of the Smartphone by enabling the PIN or password.

Is it possible to do something if we already sent the requested money? “Sometimes yes,” replies Zurdo. “You have to try to cancel the transfer as soon as possible. It can sometimes be done by calling the bank to report the suspicious transaction or ignore the charge.” Experts also recommend avoiding the use of lesser-known marketplaces that may have more security flaws or fewer identity checks on their users.

The same goes for some digital wallets. According to data from the Central Bank (BCRA), in the 2nd quarter of 2020, 4.8 million new deposit accounts were opened. many of those new users are especially vulnerable a fraud. On the other hand, companies from around the world also appeared”financial technology” offering digital wallets in the form of applications. Pallero recalled that “since 2012, the BCRA regulates banking entities and their suppliers, audits, and requires security requirements for transaction applications. But many do not meet the standards. The ideal, according to the expert, is to opt for those that hold some type of quality certification issued by reliable entities.

In other words, improving digital security covers several planes: changing device settings; choose platforms and -above all- think twice before acting on an offer or request.

Four safety tips

One of the ways to prevent these scams is to enable in the settings two-step authentication. (Watch infographic). This gives our WPP a kind of digital “lock”, a six-number secret PIN, which –if you don’t have it– prevents its installation on the offender’s device. According to Paloma Szerman, manager of WhatsApp, “by configuring that PIN, no one will be able to carry out the false installation, even if they even receive the verification code by SMS, It shouldn’t be shared with anyone either.”.

Another recommendation is to remember that after a scam attempt from a fake account it is possible block or report it from the same WPP app. It is also possible to make our profile photo only be seen by our contacts, which reduces the possibility that they use it to impersonate the identity.

According to Pallero it is possible improve the general security of the Smartphone by enabling the PIN either password. And deactivating “push” notifications that are displayed even on the locked screen. Also, check any urgent money requests. “We can always call the person who is asking us for help through another cell phone or through the landline.”

Vulnerabilities for everyone

◆ According to data from the cybersecurity company Esetin 2022, a historical record of vulnerabilities reported in different software was obtained.

◆ The peak marked 25,226 vulnerabilities in different products and manufacturers, an increase of 26.5%.

◆ Various web browsers appear in the Top 10 most buggy applications. First on the list is Chrome followed by Firefox.

◆ The operating system with the highest number of reported security flaws is Linux (Debian) and is followed by Android.

◆ Among the five vulnerabilities most used by cybercriminals during 2022 in Latin America, there are two discovered ten years ago. That speaks to the importance of updating systems.

You may also like