惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Cisco Talos Blog
Cisco Talos Blog
V
V2EX
C
Check Point Blog
GbyAI
GbyAI
D
Docker
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
B
Blog RSS Feed
H
Hackread – Cybersecurity News, Data Breaches, AI and More
N
Netflix TechBlog - Medium
T
Troy Hunt's Blog
博客园 - Franky
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Microsoft Security Blog
Microsoft Security Blog
P
Privacy & Cybersecurity Law Blog
WordPress大学
WordPress大学
The Cloudflare Blog
S
SegmentFault 最新的问题
Latest news
Latest news
Microsoft Azure Blog
Microsoft Azure Blog
P
Proofpoint News Feed
I
InfoQ
博客园 - 【当耐特】
NISL@THU
NISL@THU
A
About on SuperTechFans
T
Tailwind CSS Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
The Hacker News
The Hacker News
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Scott Helme
Scott Helme
雷峰网
雷峰网
C
CXSECURITY Database RSS Feed - CXSecurity.com
Security Latest
Security Latest
V
Vulnerabilities – Threatpost
Security Archives - TechRepublic
Security Archives - TechRepublic
A
Arctic Wolf
Hacker News: Ask HN
Hacker News: Ask HN
N
News and Events Feed by Topic
IT之家
IT之家
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
aimingoo的专栏
aimingoo的专栏
T
Threat Research - Cisco Blogs
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
阮一峰的网络日志
阮一峰的网络日志
SecWiki News
SecWiki News
大猫的无限游戏
大猫的无限游戏
S
Security Affairs
The Register - Security
The Register - Security
www.infosecurity-magazine.com
www.infosecurity-magazine.com
L
LINUX DO - 热门话题
T
Tor Project blog

WeLiveSecurity

Supply chain dependencies: Have you checked your blind spot? Recovery scammers hit you when you’re down: Here’s how to avoid a ‘second strike’ As breakout time accelerates, prevention-first cybersecurity takes center stage Digital assets after death: Managing risks to your loved one’s digital estate This month in security with Tony Anscombe – March 2026 edition RSAC 2026 wrap-up – Week in security with Tony Anscombe A cunning predator: How Silver Fox preys on Japanese firms this tax season Virtual machines, virtually everywhere – but not all protected Cloud workload security: Mind the gaps Move fast and save things: A quick guide to recovering a hacked account EDR killers explained: Beyond the drivers Face value: What it takes to fool facial recognition Cyber fallout from the Iran war: What to have on your radar Sednit reloaded: Back in the trenches What cybersecurity actually does for your business How SMBs use threat research and MDR to build a defensive edge Protecting education: How MDR can tip the balance in favor of schools This month in security with Tony Anscombe – February 2026 edition Mobile app permissions (still) matter more than you may think Faking it on the phone: How to tell if a voice call is AI or not PromptSpy ushers in the era of Android threats using GenAI Is Poshmark safe? How to buy and sell without getting scammed Is it OK to let your children post selfies online? Naming and shaming: How ransomware groups tighten the screws on victims Taxing times: Top IRS scams to look out for in 2026 OfferUp scammers are out in force: Here’s what you should know A slippery slope: Beware of Winter Olympics scams and other cyberthreats This month in security with Tony Anscombe – January 2026 edition DynoWiper update: Technical analysis and attribution Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan Drowning in spam or scam emails lately? Here’s why ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025 Children and chatbots: What parents should know Common Apple Pay scams, and how to stay safe Old habits die hard: 2025’s most common passwords were as predictable as ever Why LinkedIn is a hunting ground for threat actors – and how to protect yourself Is it time for internet services to adopt identity verification? Your information is on the dark web. What happens next? Credential stuffing: What it is and how to protect yourself This month in security with Tony Anscombe – December 2025 edition A brush with online fraud: What are brushing scams and how do I stay safe? Revisiting CVE‑2025‑50165: A critical flaw in Windows Imaging Component LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan ESET Threat Report H2 2025 Black Hat Europe 2025: Was that device designed to be on the internet at all? Black Hat Europe 2025: Reputation is currency – even in the ransomware economy Locks, SOCs and a cat in a box: What Schrödinger can teach us about cybersecurity Seeking symmetry during ATT&CK® season: How to harness today’s diverse analyst and tester landscape to paint a security masterpiece The biggest catch: How whaling attacks target top executives Phishing, privileges and passwords: Why identity is critical to improving cybersecurity posture MuddyWater: Snakes by the riverbank Oversharing is not caring: What’s at stake if your employees post too much online This month in security with Tony Anscombe – November 2025 edition What parents should know to protect their children from doxxing Influencers in the crosshairs: How cybercriminals are targeting content creators MDR is the answer – now, what’s the question? The OSINT playbook: Find your weak spots before attackers do PlushDaemon compromises network devices for adversary-in-the-middle attacks What if your romantic AI chatbot can’t keep a secret? Can password managers get hacked? Here’s what to know Why shadow AI could be your biggest security blind spot In memoriam: David Harley The who, where, and how of APT attacks in Q2 2025–Q3 2025 ESET APT Activity Report Q2 2025–Q3 2025 How social engineering really works | Unlocked 403 cybersecurity podcast (S2E6) Ground zero: 5 things to do after discovering a cyberattack This month in security with Tony Anscombe – October 2025 edition Fraud prevention: How to help older family members avoid scams Cybersecurity Awareness Month 2025: When seeing isn't believing Recruitment red flags: Can you spot a spy posing as a job seeker? How MDR can give MSPs the edge in a competitive market Cybersecurity Awareness Month 2025: Cyber risk thrives in the shadows Gotta fly: Lazarus targets the UAV sector SnakeStealer: How it preys on personal data – and how to stay safe Cybersecurity Awareness Month 2025: Building resilience against ransomware Minecraft mods: When ‘hacking’ your game becomes a security risk IT service desks: The security blind spot that may put your business at risk Cybersecurity Awareness Month 2025: Why software patching matters more than ever AI-aided malvertising: How chatbots can help spread scams How Uber seems to know where you are – even with restricted location permissions Cybersecurity Awareness Month 2025: Passwords alone are not enough The case for cybersecurity: Why successful businesses are built on protection Beware of threats lurking in booby-trapped PDF files Manufacturing under fire: Strengthening cyber-defenses amid surging threats New spyware campaigns target privacy-conscious Android users in the UAE Cybersecurity Awareness Month 2025: Knowledge is power This month in security with Tony Anscombe – September 2025 edition Roblox executors: It’s all fun and games until someone gets hacked DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception Watch out for SVG files booby-trapped with malware Gamaredon X Turla collab Small business, big risk: How SMBs can fight back against ransomware HybridPetya: A Petya/NotPetya copycat comes with a twist Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass Are cybercriminals hacking your systems – or just logging in? Preventing business disruption and building cyber-resilience with MDR Under lock and key: Safeguarding business data with encryption GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes This month in security with Tony Anscombe – August 2025 edition Don’t let “back to school” become “back to bullying”
Sharing is scaring: The WhatsApp screen-sharing scam you didn’t see coming
Christian Ali Bravo · 2025-11-05 · via WeLiveSecurity

Scams

How a fast-growing scam is tricking WhatsApp users into revealing their most sensitive financial and other data

05 Nov 2025  •  , 4 min. read

Sharing is scaring: The WhatsApp scam you didn’t see coming

Scams and other threats that are doing the rounds on messaging apps like WhatsApp are a stark reminder of how easily even trusted platforms can be weaponized against us.

One deceptive tactic that has gained traction recently involves tricking people into sharing their phone screens during a WhatsApp video call. The screen-sharing feature, available in WhatsApp since 2023, is increasingly being turned against the app’s users to steal their data, identities and money.

Cases of what is essentially a spin on remote access fraud have been reported from various parts of the world, including the United Kingdom, India and Hong Kong, where one victim lost no less than HK$5.5 million (US$700,000) in a carefully orchestrated ploy.

whatsapp-compatir-pantalla-scam
Screen sharing scam report from Brazil (source: Reddit)

Here’s what you should know about the scam and how you can stay safe from it.

How does the scam unfold?

As the goal is to build trust or create panic so that you act impulsively, the scam relies less on technical wizardry and more on psychological manipulation. Here’s how it typically unfolds:

1. The call

Everything starts with a WhatsApp video call from an unfamiliar number. The scammer masquerades as a bank or service representative, a WhatsApp or Meta support agent, or even a friend or relative of yours in distress. To appear legitimate, they spoof a local phone number while their video feed may be disabled, dark or blurry to conceal their true identity.

2. The problem

Next comes a sense of urgency. The caller will claim that there’s an unauthorized charge on your credit card, an open session on another device that needs to be closed, a pending prize that needs your verification, or a risk that your account may be suspended. The goal, of course, is to create a sense of panic and get you to act without thinking twice.

3. Screen sharing

The scammer then asks you to share your phone’s screen, ostensibly to assist you remotely so they can “resolve” the alleged issue. You may be asked to install a legitimate remote access app, such as AnyDesk or TeamViewer. Once you oblige, any incoming text messages and WhatsApp verification codes become visible to them. With those in their hands, the attacker can immediately take over your WhatsApp account. It gets even worse from here, however.

4. Access to personal data

With your screen visible to the bad actor in real time, they can also steal your passwords, 2FA codes, one-time passwords (OTPs), as well as capture screenshots or ask you to open your banking app and trick you into making bank transfers – all under the pretext of resolving the purported problem. They can also dupe their marks into installing malware, such as keyloggers, that silently records sensitive information for later theft.

5. Theft of accounts and money

After obtaining verification codes and banking data, scammers can drain your banking accounts and hijack social media and other online accounts and go on to impersonate you to continue to scam, this time targeting your relatives and friends.

How to protect yourself

The scam is effective because it exploits three potent ingredients: trust (created by a video call from a trusted entity), urgency (created by a fabricated problem), and control (granted through the screen sharing feature or a remote access tool). This combination gives criminals near-total visibility into your phone.

Staying safe from this scam, therefore, depends more on awareness and discipline than on technological safeguards. With that in mind, stick to these essential practices:

  • Never share your screen with someone you don’t personally know, doubly so during an unsolicited call. If you receive a call from an unknown number where the caller claims to represent a bank, online service provider or any other trusted entity, hang up and contact the institution directly through a verified channel.
  • Never share your passwords, verification codes or any personal or financial data over the phone. Online services, banks or any other legitimate companies will never ask for your passwords, PINs, or card details through unsolicited calls or messages.
  • Avoid installing remote-access apps at the behest of strangers as remote access tools like AnyDesk or TeamViewer can grant them full control of your device.
  • Verify alarming information independently. Be aware that scammers will try to rush you into action, typically by making you panic. Resist the urge to oblige; instead, take a deep breath and think.
  • If someone claims that there’s a problem with your bank account or your friend or relative is in trouble, contact your bank or your relative directly and through another channel before taking any action.
  • Enable 2FA in WhatsApp (called two-step verification in the app) by navigating to SettingsAccountTwo-step verificationTurn on or Set up PIN. That way, even if cybercriminals get hold of your login credentials, they will need this second factor to access your account.

Staying secure starts with skepticism

The scam described above is another reminder that social engineering remains one of the most powerful weapons in a cybercriminal’s arsenal. It also reveals how a momentary lapse in judgment can wipe out your life savings. In cases like these, therefore, awareness is your first and strongest line of protection.


Let us keep you
up to date

Sign up for our newsletters