New WhatsApp Account Hack Exposed: How It Works in Seconds
- Cybercriminals are constantly innovating their strategies to defraud users, and WhatsApp remains a prime target.
- Related Story: WhatsApp to Allow Creation of Group Chat Icons with Artificial Intelligence
- The criminals exploit a vulnerability in WhatsApp's account recovery system.
WhatsApp Users Targeted by Refined Voicemail Phishing scam
Table of Contents
- WhatsApp Users Targeted by Refined Voicemail Phishing scam
- WhatsApp Voicemail Phishing Scam: FAQs and How to Stay Safe
- What is the WhatsApp Voicemail Phishing Scam?
- How Does the WhatsApp Voicemail Scam Work?
- What Can Scammers Do Once They Have My WhatsApp Account?
- How Can I Protect Myself from This WhatsApp Scam?
- What is WhatsApp Two-Step Verification and how Do I Enable It?
- What Should I Do If My WhatsApp Account Is Stolen?
- Are There Other WhatsApp Scams I Should Be Aware Of?
- What are Common Signs of a WhatsApp Scam?
- Key Differences: Legitimate Requests vs. Scam Attempts
- What Should I Do If I Receive a Suspicious Message on WhatsApp?
- Key Takeaways to Protect Yourself
Cybercriminals are constantly innovating their strategies to defraud users, and WhatsApp remains a prime target. A newly detected method exploits the voicemail feature to potentially steal accounts in seconds, granting access to a victim’s contact facts.
How the WhatsApp Scam Works
The criminals exploit a vulnerability in WhatsApp’s account recovery system. The process involves several steps:
- Attempted Login on Another Device: Scammers enter the victim’s phone number into WhatsApp on a different device, triggering an SMS verification code.
- Voicemail Interception: To prevent the message from reaching the victim directly, criminals call repeatedly until the line is busy or the WhatsApp call goes directly to voicemail. If the user has voicemail enabled, the verification code is stored in an audio message.
- Accessing Voicemail with Predictable Codes: Many mobile carriers use default passwords for voicemail access, such as 0000 or 1234. If the user hasn’t changed this PIN, criminals can access the voicemail and listen to the verification code.
- Account Takeover: With the code, scammers complete the verification process and seize control of the victim’s WhatsApp account. Once inside, they can send messages to contacts to perpetrate further scams, request money, or access personal information.

Protecting yourself from WhatsApp Scams
Here are several steps you can take to protect yourself from falling victim to this WhatsApp scam:
- Disable Voicemail: If you don’t use it, the best course of action is to disable it directly through your phone carrier.
- Configure a Secure Voicemail PIN: If you prefer to keep voicemail active, change the default PIN to a personalized one.
- Enable Two-Step Verification on WhatsApp: This feature adds an extra layer of security. In addition to the SMS code, a personal PIN will be required, which scammers cannot guess.
- Never Share Verification Codes: WhatsApp will never ask you to send a code to anyone. If you receive a suspicious message or call, ignore and report it.
- Be Alert to Persistent Calls: Receiving numerous calls in fast succession from unknown numbers could indicate a scam attempt.
What to Do If Your WhatsApp Account Is Stolen
If your WhatsApp account has been compromised, take these steps immediately:
- Attempt Account Recovery: Enter your number into WhatsApp and verify the access code.
- Notify Contacts: Inform your contacts not to respond to suspicious messages sent from your number.
- Contact Your Phone Carrier: Verify the security of your voicemail.
- Contact WhatsApp Support: If you cannot regain access, email support@whatsapp.com explaining the situation.
Beyond voicemail exploits, be wary of email phishing scams. A malicious email with the subject “New Incoming Voicemessage” has been circulating,targeting organizations across healthcare,education,and retail. These emails claim recipients have an “incoming voice message” on WhatsApp and often contain links to phishing websites designed to steal your credentials.
A new email phishing scam targeting victims claims recipients have an “incoming voice message” on messaging app WhatsApp.
Investment Scams on WhatsApp
Scammers may also use WhatsApp to promote fake investment opportunities, promising low-risk and high returns to encourage you to share personal information or money.These scams often focus on cryptocurrencies, stocks, bonds, commodities, and property.
A scammer could share a fake investment chance with the promise of low-risk and high returns to encourage you to share personal information or money.
key Takeaways to Protect Yourself
- always be skeptical of unsolicited messages or calls.
- Verify requests for personal information through official channels.
- Keep your WhatsApp application updated to the latest version.
- Report suspicious activity to WhatsApp support.
WhatsApp Voicemail Phishing Scam: FAQs and How to Stay Safe
WhatsApp is a popular messaging app,but like any platform,it’s vulnerable to scams.Recently, a sophisticated voicemail phishing scam has been targeting WhatsApp users. This Q&A guide provides comprehensive details on how the scam works and, most importantly, how to protect yourself.
What is the WhatsApp Voicemail Phishing Scam?
The WhatsApp voicemail phishing scam is a method where cybercriminals exploit WhatsApp’s account recovery system through voicemail to steal accounts. This allows them to access your contacts and personal information.
How Does the WhatsApp Voicemail Scam Work?
Here’s a breakdown of the steps involved:
- Attempted Login: Scammers enter your phone number into WhatsApp on another device.
- Voicemail Interception: They trigger an SMS verification code and then make repeated calls to force incoming WhatsApp calls to go directly to your voicemail.
- Voicemail Access: If you have voicemail enabled and haven’t changed the default PIN (like 0000 or 1234), they can access your voicemail.
- Account Takeover: They listen to the verification code in your voicemail and use it to take control of your WhatsApp account.
What Can Scammers Do Once They Have My WhatsApp Account?
Once scammers gain access to your account, they can:
Send messages to your contacts.
perpetrate further scams.
Request money from your contacts.
Access your personal information.
How Can I Protect Myself from This WhatsApp Scam?
Here are several steps you can take to protect yourself:
Disable Voicemail: If you don’t use voicemail, the best option is to disable it through your phone carrier.
Configure a Secure Voicemail PIN: If you use voicemail, change the default PIN to a personalized and secure one.
Enable Two-Step Verification on WhatsApp: This adds an extra layer of security.Go to WhatsApp settings and enable two-step verification with a PIN.
Never Share Verification Codes: WhatsApp will never ask you to send a code to anyone.
Be Alert to persistent Calls: Receiving many calls in quick succession from unknown numbers could indicate a scam attempt.
What is WhatsApp Two-Step Verification and how Do I Enable It?
Two-step verification adds an extra layer of security to your WhatsApp account. To enable it:
- Open WhatsApp.
- Go to Settings > Account > Two-step verification > Enable.
- Create a PIN that you can remember but others can’t guess.
What Should I Do If My WhatsApp Account Is Stolen?
If your whatsapp account has been compromised:
- Attempt Account Recovery: Enter your number into WhatsApp and verify the access code sent to your device. This might log the scammer out.
- Notify Contacts: Inform your contacts not to respond to any suspicious messages sent from your number.
- Contact your Phone Carrier: Verify the security of your voicemail.
- contact WhatsApp Support: If you cannot regain access, email
support@whatsapp.comexplaining the situation.
Are There Other WhatsApp Scams I Should Be Aware Of?
Yes, be wary of:
Email Phishing Scams: Malicious emails claiming you have a “New Incoming Voicemessage” with links to phishing websites.
Investment Scams: Scammers promoting fake investment opportunities promising high returns for sharing personal information or money.
What are Common Signs of a WhatsApp Scam?
Unsolicited messages or calls from unknown numbers.
Requests for personal information or money.
Promises of low-risk and high returns on investments.
Persistent calls from unknown numbers,especially if followed by a request for a verification code.
Key Differences: Legitimate Requests vs. Scam Attempts
| Feature | Legitimate Request | Scam Attempt |
| —————— | ————————————————– | ————————————————— |
| initiator | You initiate the action (e.g., logging in) | Unsolicited message or call |
| Information Asked | General information; never your verification code | Requests for verification codes, passwords, etc.|
| Urgency | No excessive pressure | High pressure, demands immediate action |
| Contact Method | Official channels, secure websites | Unofficial channels, suspicious links or attachments |
What Should I Do If I Receive a Suspicious Message on WhatsApp?
Do not click on any links or open any attachments.
do not share any personal information.
block the sender.
Report the incident to whatsapp support.
Key Takeaways to Protect Yourself
Always be skeptical of unsolicited messages or calls.
verify requests for personal information through official channels.
keep your WhatsApp request updated to the latest version.
* Report suspicious activity to WhatsApp support.
