A new, coordinated wave of attacks using dangerous WhatsApp fraud methods is forcing authorities in several countries to issue warnings. The current attacks use malicious files and manipulated QR codes to take over accounts and steal banking data.
Global warnings about three new fraud patterns
Authorities in India, Great Britain and Singapore simultaneously warned of a new series of sophisticated WhatsApp scams over the weekend. The attacks, which are said to have increased significantly in the last 72 hours, use three different methods. Experts see this as a strategic shift by cybercriminals: away from simple phishing links and towards “malicious payloads” and exploiting WhatsApp features such as “Connected Devices”.
“The simultaneous increase in various, technically sophisticated methods indicates a coordinated change in strategy,” security experts say. Attackers are increasingly bypassing standard security measures.
Dangerous APK Trap: The “Salary Calculator” Scam
The most technically dangerous threat currently comes from manipulated Android Package Kit (APK) files. The Indian Cybercrime Coordination Center (I4C) issued a special warning about this on Saturday.
Fraudsters primarily contact government employees and pensioners via WhatsApp. They lure victims with news about alleged salary adjustments by the “8th Pay Commission” and ask them to download a file called “8th CPC Salary Calculator”. This is not a document, but a malicious app.
The consequences are severe: After installation, the criminals gain remote access to the smartphone. They can intercept SMS and one-time passwords (OTPs) and access banking apps without being noticed. Accounts are often emptied within minutes. Authorities emphasize: Government agencies never send software or salary information as an APK via WhatsApp.
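That the “8th CPC Salary Calculator” is an app rather than a document can be established from the file's content instead of its name. The following Python sketch is an added example, not code from this article or from the authorities it cites; the function names and sample files are constructed for illustration, and treating a ZIP that contains AndroidManifest.xml as an APK is a heuristic.

```python
import io
import zipfile

APK_MARKER = "AndroidManifest.xml"    # present at the root of an Android package
OOXML_MARKER = "[Content_Types].xml"  # present in docx/xlsx, which are also ZIPs

def classify_attachment(data: bytes) -> str:
    """Classify a received file by its bytes, ignoring the display name."""
    if data.startswith(b"%PDF-"):
        return "pdf"
    if not data.startswith(b"PK\x03\x04"):  # ZIP local file header
        return "other"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            entries = set(zf.namelist())
    except zipfile.BadZipFile:
        return "corrupt-zip"
    if APK_MARKER in entries:
        return "apk"
    if OOXML_MARKER in entries:
        return "office-document"
    return "zip"

def triage(name: str, data: bytes) -> dict:
    """Verdict for one chat attachment: block anything that is really an APK."""
    kind = classify_attachment(data)
    return {"name": name, "kind": kind, "block": kind == "apk"}

def _make_zip(entries):
    """Build a constructed in-memory ZIP with the given entry names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for entry in entries:
            zf.writestr(entry, b"constructed sample")
    return buf.getvalue()

# Constructed samples; only the first file name is taken from the article.
SAMPLES = {
    "8th CPC Salary Calculator": _make_zip(
        ["AndroidManifest.xml", "classes.dex", "resources.arsc"]),
    "salary_table.xlsx": _make_zip(["[Content_Types].xml", "xl/workbook.xml"]),
    "circular.pdf": b"%PDF-1.7\n% constructed sample\n",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(triage(name, data))
```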
QR Code Trap: The “Dance Contest” Scam
At the same time, a clever social engineering scam is spreading via fake competitions. The police in Singapore warned about this on Wednesday.
Users receive messages from supposed friends or family members whose accounts have already been hacked. The message asks them to vote for a child in a dance competition and includes a link or QR code. Scanning the code does not cast a vote. Instead, it activates the “Connected Devices” function and, without the user noticing, authorizes the fraudster’s computer to access the user’s own WhatsApp account.
The hacker can then contact the victim’s entire address book to spread the scam or solicit money under the pretense of distress. Singapore Police advise users to immediately check the list of connected devices and remove unknown connections.
Classic with a new twist: The “six-digit code” takeover
A well-known account takeover method is experiencing a renaissance in the UK. It plays on the trust of the victims and their ignorance about the WhatsApp login.
The victim first receives an SMS with the six-digit WhatsApp verification code. This is shortly followed by a WhatsApp message from a “friend” (whose account has already been compromised). He claims to have accidentally sent the code to the wrong number and asks that it be forwarded.
In fact, this code is the key to log into the victim’s account on a new device. Whoever passes it on hands over control. The fraudster then activates two-factor authentication and locks the actual owner out of his own account. British experts emphasize: The verification code should never be passed on to third parties – no matter who asks.
Background: Why files and functions are the new target
Security analysts see this trend as a response to improved email filters and SMS blocking. Attacks via files (like the APK) or the exploitation of app functions (like “Connected Devices”) are becoming more attractive.
For example, the “salary calculator” scam takes advantage of Android’s support for “sideloading” apps. By convincing users to bypass the protected Google Play Store, the malware evades standard security checks. Reports of “zero-click” vulnerabilities, where just receiving a file is enough, underline the danger.
How to protect yourself: Five essential tips from the experts
Cybersecurity organizations have published uniform recommendations for action in view of the new threat situation:
- Disable “Install unknown apps”: Android users should block APK files from being installed from messengers in their device settings.
- Check connected devices: Regularly check the “Connected devices” section in the WhatsApp settings and end unknown sessions.
- Enable two-factor authentication: This PIN, required when registering your account, prevents takeovers, even if fraudsters have the SMS code.
- Verify “emergency” requests: If you receive any unusual requests for money or codes, always call the contact directly.
- Ignore unofficial calculators: Only access financial data via official websites or banking apps, never via chat files.
The authorities’ quick reactions show the growing international awareness of the problem of fraud via mobile phone messages. But experts warn: The best defense remains user vigilance. Any unexpected request – even from friends – should be viewed with healthy skepticism.
date: 2026-02-14 13:29:00