
Phishing Campaign Aims at WhatsApp Accounts

Pawan Panwar
February 17, 2026


Gen researchers warn that a phishing campaign is trying to trick users into linking malicious devices to their WhatsApp accounts.

The attack starts with an unsolicited message that reads, “Hey, I just found your photo!” and includes a link to a fake Facebook login page. Rather than trying to steal users’ Facebook credentials, the attackers are after access to victims’ WhatsApp accounts.

“This page serves two purposes,” the researchers explain. “To begin with, it fosters a feeling of familiarity that helps the user to have confidence in the page. There is an expectation among users for Facebook to request some form of confirmation periodically. It feels normal to see a login button or a verification step. Secondly, it functions as the assailant’s control center. The page does not connect to Facebook; instead, it serves as a mediator between the victim and the legitimate WhatsApp Web infrastructure that the attacker is exploiting.”

The phishing page displays either a QR code or a field where the user is prompted to enter their phone number. The attack unfolds as follows:

  1. The victim enters their phone number on the fraudulent page.
  2. The page sends that number to WhatsApp’s authorized “link device via phone number” function.
  3. WhatsApp creates a pairing code that only the account owner is supposed to view.
  4. The attacker’s site uses that code and presents it to the victim alongside text implying that they should ‘enter this in WhatsApp to confirm the login and see the photo.’
  5. The victim launches WhatsApp, notices the pairing request, and types in the code, thinking they are finalizing a security check.

Once the rogue device has been linked, the attacker has complete access to the victim's WhatsApp account and can send more phishing messages to the victim's contacts.
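For teams that triage user-reported messages, the sketch below flags the lure described above: the quoted "found your photo" wording combined with a link that uses Facebook branding but does not resolve to a Facebook host. It is an added example, not code from Gen or from this site; the allow-listed domains, the finding labels and the sample messages are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: hosts accepted as genuine for a Facebook-branded link.
GENUINE_SUFFIXES = ("facebook.com", "fb.com")
# Lure wording taken from the campaign message quoted in the article.
LURE = re.compile(r"found\s+your\s+photo", re.IGNORECASE)
URL = re.compile(r"https?://[^\s<>]+", re.IGNORECASE)

def is_genuine(host):
    """True only for an allow-listed domain or one of its subdomains."""
    return any(host == s or host.endswith("." + s) for s in GENUINE_SUFFIXES)

def triage(message):
    """Return (label, host) findings for one reported chat message."""
    findings = []
    lure = bool(LURE.search(message))
    for raw in URL.findall(message):
        try:
            # Drop sentence punctuation that the regex may have swallowed.
            parts = urlsplit(raw.rstrip(".,;:!?)"))
        except ValueError:
            findings.append(("unparseable-url", raw))
            continue
        host = (parts.hostname or "").rstrip(".")
        if is_genuine(host):
            continue
        # Check the whole authority so "facebook.com@other.host" is caught too.
        if "facebook" in parts.netloc.lower():
            findings.append(("brand-lookalike-host", host))
        elif lure:
            findings.append(("lure-with-unknown-link", host))
    return findings

# Constructed sample messages (reserved .example domains), not real indicators.
SAMPLES = [
    "Hey, I just found your photo! https://facebook.com.photo-view.example/login",
    "Hey, I just found your photo! http://pics.example/v?id=1",
    "https://facebook.com@login-check.example/",
    "Album is up: https://www.facebook.com/photo?id=1",
    "Lunch at noon? https://menu.example/today",
]

if __name__ == "__main__":
    for msg in SAMPLES:
        print(triage(msg) or "clean", "<-", msg)
```

A clean result only means the message did not match these two heuristics; a pairing code shown by any web page, rather than requested from the user's own WhatsApp app, remains the deciding warning sign.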

Every day, PhishNext enables your employees to make more informed security decisions. In addition, PhishNext, a remarkable Phishing Simulation Services platform, is trusted by more than 70,000 enterprises globally to improve their security culture and lower human risk.

Stop Attacks Like This Before They Reach Real Employees

To help staff identify warning signs before actual occurrences, our phishing simulation program reliably mimics complex attacks like the Facebook/WhatsApp device-linking scam. Without the need for spreadsheets or postponed follow-ups, it provides automatic training from the first click: when a user fails a simulated WhatsApp lure, they immediately receive AI-selected micro-learning catered to that specific error.

Hospital click-through rates decreased from 55% to 21%, businesses reduced the number of phishing-prone individuals by 80%+, and training completion rates often surpass 94%. With executive dashboards, real-time tracking, one-click personnel import, and 60-second tenant setup, you can measure behavior change with little administrative work and easily run WhatsApp-style simulations.
