How Attackers Are Deceiving Users to Expose Sensitive Information

Scams and threats circulating on messaging apps like WhatsApp demonstrate how easily trusted platforms can be weaponized against users.

One deceptive tactic gaining traction involves tricking people into sharing their phone screens during WhatsApp video calls. The screen-sharing feature, available since 2023, is increasingly being turned against users to steal data, identities, and money.

Cases of this remote access fraud variant have been reported globally, including in the United Kingdom, India, and Hong Kong, where one victim lost HK$5.5 million (US$700,000) in a carefully orchestrated scheme.

Screen sharing scam report from Brazil.

Understanding this scam and taking preventive measures is essential for protecting your accounts and finances.

How the Scam Unfolds

The scam relies on psychological manipulation rather than technical wizardry, exploiting trust and urgency to make victims act impulsively.

The Call: Everything begins with a WhatsApp video call from an unfamiliar number. The scammer impersonates a bank representative, WhatsApp support agent, or even a friend in distress.

They spoof local phone numbers and keep video feeds disabled or blurry to conceal their true identity.

The Problem: The caller creates urgency by claiming unauthorized charges on your credit card, an open session needing closure, a pending prize requiring verification, or a risk of account suspension. This panic-inducing narrative is designed to bypass rational thinking.

Screen Sharing: The attacker asks you to share your phone’s screen, claiming they’ll resolve the issue remotely.

Victims may be instructed to install remote access applications like AnyDesk or TeamViewer. Scammers can intercept incoming text messages and WhatsApp verification codes, which are critical credentials for account takeover.

Data Extraction: With real-time screen visibility, attackers steal passwords, 2FA codes, and one-time passwords (OTPs), and they capture screenshots.

They can manipulate victims into opening banking apps and initiating transfers under the guise of problem resolution. Some also trick users into installing malware like keyloggers that silently record sensitive information.

Financial Theft: Once attackers obtain verification codes and banking credentials, they drain accounts, hijack social media and online accounts, and impersonate victims to defraud their relatives and friends.

Protection Strategies

The scam’s effectiveness stems from three elements: trust (established through video calls from purported legitimate entities), urgency (created by fabricated problems), and control (granted through screen sharing or remote access tools).

Never share your screen with unknown callers. If you receive calls from unfamiliar numbers claiming to represent banks or service providers, hang up and contact the institution directly through verified channels.

Never disclose passwords, verification codes, or personal financial data over phone calls. Legitimate companies never request PINs, card details, or authentication codes through unsolicited communication.

Avoid installing remote-access applications at strangers’ behest. Tools like AnyDesk and TeamViewer grant comprehensive device control.

Verify alarming information independently before acting. Scammers deliberately rush victims into action through fear. Take time to confirm claims through official channels.

Enable two-step verification in WhatsApp by navigating to Settings → Account → Two-step verification → Set up PIN. This additional security layer prevents account access even if credentials are compromised.

Social engineering remains cybercriminals’ most potent weapon. A momentary lapse in judgment can result in devastating financial loss.

Awareness and skepticism form your strongest defense against these evolving threats. By maintaining a healthy suspicion toward unsolicited communications and following security best practices, you significantly reduce your vulnerability to screen-sharing scams and similar social engineering attacks.
