A new and rapidly growing scam is targeting WhatsApp users worldwide, exploiting the platform’s screen-sharing feature introduced in 2023. Cybercriminals are using this tool to trick victims into revealing highly sensitive financial and personal information.
Cases have been reported across the United Kingdom, India, Hong Kong, and Brazil, including a major incident in Hong Kong where a victim lost HK$5.5 million (US$700,000). The scam shows how easily trusted communication apps can be turned into attack vectors when social engineering is combined with direct access to a user’s screen.
This operation relies entirely on manipulation rather than advanced malware. Attackers make unsolicited WhatsApp video calls while pretending to be bank officials, Meta support staff, or even distressed family members, convincing users to share their screen and unknowingly expose critical data.
How Attackers Create Credibility and Urgency
Attackers use several tactics to appear credible. They often spoof local phone numbers and keep their video feed blurred or disabled to avoid revealing their identity.
To pressure the victim, they create a sense of urgency by claiming suspicious account activity, unauthorized credit card charges, or pending verification issues that require immediate action.
According to ESET security researchers, this scam is a highly effective form of remote access fraud because it combines three powerful elements: the trust created by impersonating an authority figure, the urgency generated through false threats, and the control gained through screen-sharing or remote access tools. Together, these factors give criminals near-complete visibility into a victim’s smartphone.
Once a user begins sharing their screen, the attacker’s access becomes extensive. They can see passwords, two-factor authentication codes, one-time passwords, and banking apps in real time. They may capture screenshots, direct victims to open financial apps, or persuade them to approve unauthorized transfers while pretending to “resolve” an issue.
In many cases, attackers escalate the scam by convincing users to install remote access apps like AnyDesk or TeamViewer, granting full control over the device. Some victims also unknowingly install malware such as keyloggers, which silently record sensitive information for later misuse.
From a technical standpoint, the risk is severe. If attackers gain access to incoming messages and WhatsApp verification codes through screen-sharing, they can immediately take over the victim’s WhatsApp account. With full account access, they can view conversations, financial information, and contacts.
Criminals then use the hijacked account to steal money, take over social media profiles, and impersonate the victim to target friends and family, creating a chain reaction of fraud.
Preventing Screen-Sharing Fraud
Protecting against this threat relies mostly on user awareness and careful behavior. Screen sharing should never be granted to unknown or unsolicited callers, and any urgent claims should be verified directly with official sources.
Enabling WhatsApp’s two-step verification (Settings → Account → Two-step verification) adds an essential layer of protection, ensuring attackers cannot access the account even if they obtain verification codes.
This scam underscores a core truth in cybersecurity: social engineering remains one of the most powerful tools for criminals. Staying skeptical, alert, and cautious is the strongest defense against these attacks.
Leave A Comment