6 months ago
2
WhatsApp, erstwhile simply a societal media level for communication, has evolved into an indispensable portion of regular beingness — extending its scope from idiosyncratic messaging to concern coordination and adjacent authoritative connection specified arsenic work of summons. However, the expanding reliance connected the app has besides exposed users to caller forms of cyber threats, constabulary said.
Despite its end-to-end encryption, WhatsApp is witnessing a surge successful hacking-related scams that exploit idiosyncratic negligence. In Tamil Nadu alone, the Cyber Crime Wing has recorded implicit 3,000 specified complaints successful 2025.
Additional Director General of Police, Cyber Crime Wing, Sandeep Mittal said, “Being an end-to-end encrypted connection medium, immoderate careless oregon negligible usage costs immense sums of money, reputational damage, affectional accent and adjacent beingness arsenic a penalty. Recently, we person seen an summation successful WhatsApp hacking scams.” There is nary azygous modus operandi successful WhatsApp hacking scams. But each the communal tactics impact a premix of method tricks and convincing users their actions are harmless oregon adjacent necessary.
A communal attack is an OTP/verification-code scam, wherever the scammers instrumentality a people into revealing the 6-digit SMS oregon in-app codification that WhatsApp sends during login. This is typically done by telephone calls oregon chat messages pretending to beryllium tech support, a bank, oregon adjacent a person asking - “I didn’t get the codification — delight guardant it.”
A caller question of targeted WhatsApp fraud uses fake RTO (Regional Transport Office) challan messages to instrumentality conveyance owners into installing malicious software. The connection looks alarmingly existent which includes the victim’s conveyance number, a little statement of the alleged offence, and a clickable “pay challan” link. Because postulation fines are time-sensitive and galore radical dainty RTO notices arsenic official, recipients often enactment rapidly without pausing to verify the source, an serviceman of the Cyber Crime Wing explained.
As soon arsenic the idiosyncratic taps the link, he/she is prompted to download an Android APK file. Once installed, the app requests intrusive permissions (access to SMS, contacts, notifications, oregon accessibility services). Those permissions let the malware to work one-time passwords (OTPs), seizure verification messages, seizure idiosyncratic contacts and messages.
Also, the contacts are utilized for unauthorized transactions oregon to impersonate the unfortunate to defraud their contacts. The scammers often maltreatment the spot of radical chats and interaction lists to propagate outgo requests, fake invoices.
“Tamil Nadu Cyber Crime Wing has received astir 3,161 complaints successful 2025 on the WhatsApp Hacking scam and this scam tin beryllium easy prevented erstwhile our communal consciousness is applied. Certain measures tin easy safeguard radical from specified scam,” said Mr. Mittal.
