Safer Web

8 common WhatsApp scams and how to avoid them

Ray Fernandez

Jul 17, 20239 min read

8 common WhatsApp scams and how to avoid them (Header image)

Cons and scams are far older than the internet. And while such schemes have increased in the digital age, most are simply variations of old tricks that criminals use to steal, damage, spy, or cause harm. As new generations shift their presence, preferring text messages over phone calls, WhatsApp scams are reaching new highs. 

The scammer’s WhatsApp playbook is filled with sophisticated cons that cybercriminals use to either run massive campaigns or specifically target individuals. Let’s take a look at some of the most common scams on WhatsApp and how to defend yourself against them in this guide designed to help you stay safe and enjoy your WhatsApp experience — without complicating your life. 

The 8 most common WhatsApp scams to watch out for

This list will dive into the most recent scam trends and techniques and reveal how they work. The following scams can bypass WhatsApp security features, so it’s essential that you understand how they operate so you won’t fall for them.

1. The desperate son

This scam is simple but effective because it preys on basic human emotions and behavior. To pull off this trick, cybercriminals only need to search for victims who are parents. Once he has the mother’s or father’s phone number, they send them a text impersonating their son or daughter.

How it works:

  1. You receive a WhatsApp message from an unknown number claiming to be your son or daughter.
  2. The cybercriminal gives a convincing reason why your son is contacting you from an unknown phone number (lost phone or borrowing a friend’s phone).
  3. Immediately the scammer presents a desperate situation that requires urgent attention.
  4. The scammer asks for money to solve the “desperate situation” and provides a bank account or digital wallet for the transfer.

To avoid this scam: If you are a parent and your son or daughter contacts you with an urgent problem from an unknown phone via WhatsApp text asking for money, call your son or daughter immediately. Once you confirm that it is a scam, report, delete, and block the WhatsApp scammer’s contact info.

2. Crypto romance scammers

Can you be catfished on WhatsApp? Not only is this a possibility, but the Federal Trade Commission has revealed that over 46,000 people reported more than $1 billion in crypto scam losses in 2021. And approximately one in every three of those dollars were lost to crypto romance scams.

Crypto romance scams are usually conducted by transnational criminal organizations that target WhatsApp users in the United States from distant countries, making intervention by law enforcement and recovery of funds very complicated. Romance-related crypto fraud led the ranks of WhatsApp scams in 2021.

How it works:

  1. Via social media, the attacker seduces you and eventually asks for your WhatsApp number to continue the relationship. 
  2. After weeks or even months, the attacker will present the possibility to invest in crypto with high gains or ask for money to resolve a situation. Sometimes they ask for money to travel to see you. 
  3. If you invest in crypto, attackers often use fake e-wallets, and every dollar you send to these sites goes into the attacker’s account. 
  4. After drying up your financial resources, the romance scammer will either reveal their true identity or disappear from your life. This leaves many victims traumatized and heartbroken. 
  5. Sometimes, after the scam is completed, the scammer will contact you again, this time impersonating a person who can recover your money in exchange for a fee. This, of course, is not true and only leads to further losses. 

3. The Nigerian prince scam

One of the oldest scams on the internet is the Nigerian prince scam. Initially, this one was carried out via email, but it has recently moved to WhatsApp. The scam involves tricking users into believing there is an inheritance or reward to be gained if they help a wealthy individual who’s down on their luck (popularly a prince from Nigeria). Naturally, this individual is actually a scammer.

How it works:

  1. The attacker creates a fake WhatsApp profile, contacts you explaining that he is a wealthy individual, and presents the scam.
  2. There are many variations of this con. The scammer may claim that you have inherited some money and just need to pay some taxes to retrieve it, or they may ask for your tax information to help you transfer the funds. 
  3. If you fall for the scam and give away the money, you will never hear from him again.

To avoid this scam: Don’t talk to strangers over WhatsApp, especially when they present suspicious stories or ask you for money or sensitive personal information. Block and report the contact and delete the conversation.

4. Fake blackmail

In this scam, cybercriminals pretend to have obtained sensitive information, videos, or photos from you. They will ask for money in exchange for not releasing the files to the public. The scam is similar to ransomware extortion, but the main difference is that the scammer never hacked you, nor does he have the files or information.

How it works:

  1. The attacker contacts you assuring that he has obtained sensitive files.
  2. He asks for funds in return for the files and promises not to leak the information or make it public. The scammer may even show you some photographs or information he obtained via a quick search of your social media to apply pressure.
  3. The scammer usually demands cryptocurrency payments and may continue blackmailing you, or they may simply disappear.

5. The verification code con

One of the most-used methods to hack a WhatsApp account is to trick users into giving away verification codes. Once a hacker has your verification code, he can change the number on your WhatsApp, along with all verification methods, and block you out of your own account. He might also use this access to breach your accounts on other sites or hack your friends, family, and contacts. This is a common WhatsApp phishing technique used not only to hack individuals but to gain access to organizations.

How it works:

  1. You first get a push or an SMS verification with the WhatsApp verification code that you did not request.
  2. The attacker then contacts you and explains that he made a mistake when putting in his phone number and asks you if you could share the code you received.
  3. If you share the code, you are sharing full access to your WhatsApp account and will lose control over it.

To avoid this scam: Not only should you not respond to unknown contacts demanding suspicious actions from you, but you should also always ensure that your verification number is correct and has not changed.

6. WhatsApp Gold scam

The WhatsApp Gold scam has been around for several years. The reason it’s still used is that it is simple but effective.

How it works:

  1. You get a WhatsApp message that looks very official and offers you an upgrade to WhatsApp Gold, a premium service of messenger applications that does not exist. 
  2. While the fee to get this fake, nonexistent premium service is low, once you pay attackers, they steal your financial credentials.
  3. If you ignore the message and block and report the scammer, nothing will happen. But if you fall for it, you will suffer financial losses and never be able to recover your money.

7. Friends and family scam

Once a cybercriminal hacks a WhatsApp account, he will begin scamming that account’s contacts. That includes friends, loved ones, and families. In this scam, attackers use a hijacked account to trick users into giving away money or credentials.

How it works:

  1. You will first get a WhatsApp message from a cybercriminal posing as your friend, a family member, or a partner.
  2. The message will create a story with urgency. They will ask for help and demand money, or they’ll ask you to verify a code or share personal information.
  3. As with all attacks, the hacker will vanish into thin air once the scam is complete.

8. Lottery, gifts, or surveys

Cybercriminals preying on victims via WhatsApp will often claim that users have won the lottery or earned a gift. All they have to do to gain access to their prize is complete a survey. The purpose of this scam is mainly financial theft, but sometimes, when downloading documents or surveys from the scammer, they will install malware to steal data.

How it works:

  1. You will first get a WhatsApp message from cybercriminals promising a gift, asking you to take a survey, or congratulating you for winning the lottery. The messages are designed to look very legitimate and convincing.
  2. The sender then can ask for a fee in return for the prize, your personal tax information, or your credit card or bank information to confirm. They can also direct you to download a document or fill in a survey on a website that contains malware.

To avoid this scam: Always check with official sources if an agency or organization contacts you. It might just be someone posing as a representative. In general, always question anything that sounds too good to be true.

The 8 scams detailed above are just the tip of the iceberg when it comes to cons that are trending on WhatsApp. Others include WhatsApp tech support, the WhatsApp text bomb, call forwarding, and QR code scams. Fortunately, there are ways to keep safe from con artists and scammers on WhatsApp.

How to protect yourself from scams on WhatsApp

Cybercriminals are constantly creating new ways to trick victims. Keeping up with every different strategy would be impossible. However, there are some simple tricks you can use to protect yourself.

1. Don’t talk to strangers

Cybercriminals do not use complex hacking tricks to execute the majority of WhatsApp scams. All they need for most cons to work is for you to willingly engage with them in some way. A high percentage of fraud starts when a user receives a message from an unknown contact with suspicious demands. The rule of thumb is never to talk to strangers. Report, mute, and block the user immediately without responding. If you don’t talk to the scammer, they cannot run their con. 

2. Check your privacy settings

When you create your WhatsApp account, your privacy settings are set at the most relaxed customization possible by default. This means that any WhatsApp user can see information such as your profile image, when you log in, if you read messages that are sent, and if you are online. Contacts can also see your status updates, and any user, whether he is one of your contacts or not, can add you to groups. Limiting access to this information will make it more difficult for scammers to trick you.

3. Guard your verification codes

Verification codes are critical to getting access to your WhatsApp account. Be very vigilant if you receive a verification code you have not requested. Whether you get one via SMS, a phone call, or push notifications, never share your codes with anyone, no matter how believable the story they present.

4. Report, block, and delete

If you get any suspicious messages or are in doubt about a contact, immediately report, block, and delete it. This will not only prevent the attacker from contacting you again but will notify WhatsApp’s support and security team so that the contact cannot try to scam others. The scammer, once identified by the WhatsApp security team, will face legal consequences, and the block will prevent them from doing further harm.

How can you stop getting scam messages on WhatsApp?

Besides changing your privacy settings, there is no way to avoid getting spam messages or spam calls. WhatsApp recognizes the issue and says, “Just like regular SMS or phone calls, it’s possible for other WhatsApp users who have your phone number to contact you.” WhatsApp’s advice is to delete and block spam or unwanted messages.

How to report a WhatsApp fraud

You must report scams — not just block them, mute them, or delete them. And you can report a scam or fraud in just a few simple steps. 

To report a user:

  1. Open the chat with the user you wish to report.
  2. Press Options and select View contact.
  3. Press Report and Block (or only Report).

When this is done, WhatsApp will receive the last five messages sent to you by the person you reported. The scammer will not be notified that you have reported them. WhatsApp also receives the reported group or user ID, information on when the message was sent, and the type of message sent (image, video, text, or other).

You can also block a user or group to stop getting messages, calls, or files from them.

To block a contact:

  1. Navigate to Options > Settings > Account > Privacy > Blocked > Add new…
  2. Search for or select the contact you want to block.
  3. Press Block.


  1. Open a chat with the contact you want to block.
  2. Navigate to Options > View contact > Block.

If you feel that you or someone you know are in immediate danger, contact local authorities.

With over 2 billion active users, WhatsApp is the world’s most-used instant messaging app. WhatsApp scams, frauds, cons, and hacks are not showing any sign of slowing down. In fact, quite the opposite. Fortunately, you can practice simple security policies that require no technical knowledge to stay safe.

Ray Fernandez Ray Fernandez
Ray has been covering tech and cybersecurity for over 15 years. His work has appeared on TechRepublic, VentureBeat, Forbes, Entrepreneur, and the Microsoft Blog, among others.