Overview

• Bitdefender reports an ongoing campaign using fraudulent voting links to harvest phone numbers and WhatsApp verification codes for account takeovers.
• Investigators have tracked 177 malicious domains and 554 unique URLs in the past two months, targeting thousands of users.
• The lure often appears to come from a known contact with a message such as “Please vote for Adeline,” leading to a fake site that requests the one-time code.
• Once the code is shared, attackers can re-register the number, lock the owner out, and impersonate them to extract money or data from their contacts.
• Most cases observed are in Germany, Poland and Romania, with warnings that UK users could be targeted next; guidance urges users to never share verification codes, verify requests by phone, report suspicious messages, and if compromised to request a new code, contact WhatsApp support, alert their bank, and inform contacts.