Preloader

WhatsApp Phishing with Fake Voting Pages

WhatsApp Phishing with Fake Voting Pages

WhatsApp Phishing with Fake Voting Pages

Cybersecurity researchers have reported a new phishing wave targeting WhatsApp users. Attackers design fake “online voting” pages and spread deceptive messages through social networks to steal login credentials and take over accounts.

How the Scam Works

Hackers build convincing voting pages that look like legitimate websites, complete with participant images, a “Vote” button, and vote counters.

Using AI automation and multilingual phishing tools, these pages appear in languages such as English, Spanish, German, Turkish, Danish, and Bulgarian.

In the first stage, victims receive a message like:

“Hi! My niece is in a contest, please vote for her — it’s really important!”

The message may come from friends or relatives whose accounts were already compromised.

In the second stage, after clicking “Vote,” the user is asked to enter their WhatsApp‑linked phone number for “quick identity verification.” In reality, this number is used to initiate unauthorized account access.

In the third stage, attackers exploit WhatsApp Web. When the phone number is entered, WhatsApp generates an eight‑digit one‑time verification code. The fake site displays this code and instructs victims to enter it under “Linked Devices.”

Believing it’s part of the voting process, victims actually link their accounts to the attacker’s device.

Once that code is submitted, the attacker gains full access — reading, sending, or deleting messages, impersonating the victim, and spreading more phishing links to other users.

If You Suspect a Hack

  1. Open WhatsApp → Settings → Linked Devices.
  2. Review all active devices.
  3. Immediately disconnect any unknown browser or device.

Security firm Kaspersky has published a detailed recovery guide outlining hack indicators and steps to regain access.

How to Protect Your WhatsApp Account

  • Never participate in suspicious “voting” or “contest” links that require messenger verification.
  • Do not click unknown links — even if they come from trusted contacts.
  • Avoid entering personal data into websites received via message or social media.
  • Pay attention to browser warnings about unsafe sites.
  • Enable two‑step verification on WhatsApp to block unauthorized logins.
  • Install only the official WhatsApp version from Google Play or App Store.
  • Regularly check linked devices and remove suspicious entries.
  • Use trusted anti‑phishing and cybersecurity tools to block dangerous links.

    Source: MedadPress
    www.medadpress.ir