Overview
- Attackers impersonate support staff, bank representatives or known contacts and push targets to share their screens during WhatsApp video calls.
- When the SMS verification code appears on the shared display, scammers use it to register the number on another device and lock the user out.
- ESET reports cross-border incidents, including a Hong Kong case with about $5.5 million lost and a Brazil case where a victim’s banking app was accessed.
- Meta said it removed more than 6.8 million fraud-linked accounts in August 2025, yet new reports continue to surface, including in Argentina.
- Security guidance stresses never sharing screens or verification codes, enabling two-step verification, reviewing linked devices, reinstalling WhatsApp to trigger a new code, and contacting support and cybercrime units if compromised.