:format(webp):quality(100)/https://www.go4it.ro/wp-content/uploads/2025/01/frauda-whatsapp-romania.jpg?w=750&resize=750,111&ssl=1 "A new fraud targets Romanian WhatsApp users")
The National Cyber Security Directorate (DNSC) is sounding the alarm about a dangerous smishing fraud attempt (phishing via sms).
Attackers are targeting users of the WhatsApp platform, using fake messages to compromise their accounts and launch new attacks.
How the method works
Attempt to fraud involves a seemingly innocuous message inviting recipients to vote for an imaginary competition.
The text used by the attackers includes an emotional story about “Adeline”, a girl who needs support to win a scholarship. The message contains a link to a fake site that ends with the extension .top/home and the words “dance” and “vote”.
Once there, users are asked to log in to WhatsApp in order to vote.
After entering the phone number and verification code received via SMS, the attackers gain full access to the victim’s WhatsApp account. From here, they send similar messages to the victim’s contacts or request money under urgent pretexts.
What do victims risk?
Once attackers take control of an account, the consequences can be severe:
- The victim’s contact list is exposed to the same fraud attempts.
- Account may be suspended due to spam activity.
- Victims can lose large amounts of money if they respond to attackers’ financial demands.
Messages requesting money are worded in such a way as to create a sense of urgency, such as: “Hi, can you lend me 1800 RON? I need it on my card or Revolut, I’ll give it back to you tomorrow.”
If the victim sends money, the attackers keep asking for additional amounts until the victim realizes the situation.
How you can protect yourself
DNSC recommends several measures to prevent such incidents:
- Avoid clicking on links in messages received from unknown sources.
- Never provide verification codes or other sensitive information via messages.
- Enable two-step authentication (2FA) for your WhatsApp account.
- Periodically check the devices associated with the account and remove the unknown ones.
What to do if you are a victim
If you suspect you have been the victim of such an attack, act quickly:
- Go to WhatsApp settings and disconnect suspicious devices.
- Contact your bank if you have made payments to the attackers to block any further transactions.
- Report the incident to DNSC through the PNRISC platform or the emergency number 1911.
- Notify affected contacts to protect them from possible similar attacks.
DNSC provides a complete guide to securing and recovering accounts on their official website.
Source: www.go4it.ro
