Fraudsters take over accounts
Wrong call for help lets WhatsApp users fall into the trap
Updated on March 21, 2025 – 06:04 a.m.Reading time: 3 min.
A friend asks WhatsApp message for a favor. But when the recipient responds to the call for help, criminals take over her WhatsApp account. This is exactly what a woman from Hamm has happened. And it is not an isolated case.
Again and again fraudsters get access to foreign WhatsApp user accounts and block their real owners. Then use the wrong WhatsApp identity, for example to sneak money on friends and contacts of the original owner or send spam messages.
The fraud stitch is already known and, according to various media reports, has been increasing again since the beginning of the Corona crisis. The local news page Wa.de, which belongs to the publisher of the “Westfälische Anzeiger”, recently reported a case from Hamm.
According to the report, 45-year-old Kathrin B. is said to have received a WhatsApp message with the following wording: “Hello, sorry, I accidentally sent you a 6-digit code via SMS. Can you please pass it on to me?” The message seemed to come from a good friend, so the recipient readily followed when she actually received a code from the “WhatsApp” sender shortly afterwards.
At that moment the trap snapped: the woman was on the mind and unknowingly gave them access to their WhatsApp account-just like her girlfriend, who had fallen for the same trick.
The trick is not a hack or security gap, but classic, completely human fraud.
The point of attack is a security mechanism: If you want to set up a WhatsApp account on a new device, you have to prove that you still have access to the mobile phone number, which is previously linked to this account: WhatsApp sends a SMS with a number code to this cell phone number. This allows the account to be activated on another device.
The fraud then works as follows: With an account that has already been taken over, the attacker writes a different contact and explains that he has problems receiving the six -digit code of WhatsApp. Therefore, the code is now being sent to the contact of the contact. As soon as he received it, he may send it back.
The Twitter user Rupert Myers shows how this can look: In this WhatsApp message from an unknown number it says in bad English: “Hello, sorry, I accidentally sent you a 6-digit number code via SMS. Can you forward it to me? It is urgent.”
“Don’t fall on it – it’s a trap,” warns Myers his followers. In this case, the fraud is easier to see through because he does not know the sender. However, the perpetrators often use a friend or acquaintance that has already been taken over and write to his contacts.
Under these circumstances, the victim becomes less suspicious and forwards the code to help-without guessing that it is the security code for your own WhatsApp account. As soon as the attacker has received it, he takes over the WhatsApp account and blocks the victim.
Kathrin B. from Hamm, according to his own statements, still had enough time to warn all of her contacts of similar attempts to fraud under her number. Then she tried to avert the account takeover by reinstalling WhatsApp. Unfortunately, this does not help in such a case.
To do this, your own WhatsApp account can be restored later with the help of a new code. For this, however, you have to plan waiting time, because WhatsApp allows only a limited number of new registrations within a certain period of time.
But even if the account and all chats are restored, the bad feeling remains that the fraudsters have probably already sent countless messages to the contacts during the time when they had control over the WhatsApp account. So the snowball system continues to roll.
Protecting this or similar attacks is simple: forwarding friends or well-known security codes, TAN numbers or the like. And if there is a case in which any code or password has to be sent by message, then the person concerned is definitely calling and clarifying with her whether she actually made this request.
