Blog

WhatsApp Scams: What’s Up With These Links?

At the start of the year we wrote about a WhatsApp scam where the scammer sent the victim a personal invitation to connect with them on WhatsApp, using a fake job offer as a phishing lure. In this blog, we’ll discuss how scammers are taking a similar approach, this time inviting subscribers to join a WhatsApp group.

WhatsApp Group Scams

As well as one-to-one conversations, WhatsApp allows mobile users to join group chats – a popular way for family and friends to stay in touch. In some countries, especially India, WhatsApp groups are commonly used for business too, so you may be in a group chat where you don’t know many or any of the other participants. It’s no surprise then, that scams involving WhatsApp groups have been present in India for some time, however these scams are now finding a foothold in North America too.
SMS with WhatsApp group invitation link

WhatsApp Crypto Scam

The WhatsApp scams concern cryptocurrency trading, with promises of huge returns to those who follow the advice of the group’s “analyst.”

SMS messaging is the guaranteed way for companies to reach their customers, and also for scammers to reach their victims. So why employ WhatsApp?

  • It’s a low-cost way to reach many potential victims at once.
  • Encrypted messaging means WhatsApp scammers can send links to known bad sites without risk of tripping the operator’s anti-spam firewall.
  • Addressing only subscribers who have joined your group means a degree of self-selection has already taken place.

Receiving a WhatsApp group link – how does this scam work?

Obviously the scammer’s first task is to get potential victims to join the WhatsApp group. The preferred method is to send a text message containing nothing but a link to join the chat. There are several legitimate reasons you might receive a WhatsApp group link in a text, making this tactic difficult to protect against:

  • One of your own contacts may ask you to message them on WhatsApp. This will usually come through as a “wa.me” link (WhatsApp me)
  • If you don’t already have WhatsApp installed, you may receive an invitation to download the app.
  • WhatsApp itself may send you a message with an activation code, and include a link.

Links to join a group start with “chat.whatsapp.com” – if you get one of these from a number you don’t recognise you have reason to be suspicious.

Sending an identical link to a number of subscribers at the same time may raise a flag on an operator’s SMS firewall, so scammers obtain as many SIMs as possible from an operator with an attractive text messaging plan, then send the messages from many different numbers in small enough quantities to stay under the radar.

Diving into the crypto scam

The scammers tactics may vary, but the common theme is an ‘educational’ WhatsApp group led by an analyst and one or more assistants who administer the group. Some of the other members of the group will pose as eager students who go on to make great returns, to keep the victims interested.

Analysis of one of these groups revealed an elaborate setup:

  1. The “analyst’s” name and photo belonged to a real person, though this real individual was almost certainly not connected to the scam.
  2. Googling the analyst’s name and adding “crypto” led to the website of a fake cryptocurrency investment firm, complete with photos and profiles of the analyst and “assistants.” Again, these real individuals are unlikely to have been connected to the scam.
  3. Posting in the group was initially restricted to admins only. After an introduction by the assistant, the analyst provided some “analysis” which was meandering and inconsistent, but filled with the kind of buzzwords and jargon which might make it sound credible.

Fake cryptocurrency website

 

The ultimate goal is to get you to transfer money under the guise of investment and likely some further unexpected fees. No matter what you’re promised or what the cheerleaders claim, money will only be transferred in one direction if you’re taken in by this scam.

This post is not investment advice, but here’s a free tip: Don’t transfer money to anyone you’ve met on WhatsApp.

Enea’s award-winning, intelligent Messaging Protection Platform offers advanced new threat discovery with regard to phishing and spam. Download the product overview to discover how we can help mobile network operators protect their subscribers from these threats.

Related insights

Mobile network security: Bridging the gap between enterprise needs and CSP capabilities

Read more

Tags: Cybersecurity , Mobile Security , network security , signaling security

MMS fingerprint

Dusting off Old Fingerprints: NSO Group’s Unknown MMS Hack

Read more

Tags: Cybersecurity , Mobile Security

Location Tracking on The Battlefield

Read more

Tags: Cybersecurity , Mobile Network Threat , Mobile Security , Mobile Surveillance

Don’t Bring Your Own Device (D-BYOD): How Businesses are Adapting to Cybersecurity Realities in Hong Kong

Read more

Tags: mobile network resilience , Mobile Security , signaling security

Padlock with surrounding lines representing mobile network security

Securing the Nation: The Crucial Role of Governments and Regulators in Mobile Network Security

Read more

Tags: Cybersecurity , Mobile Security