Beware of fake WhatsApp subscription emails
WhatsApp users targeted in a phishing scam aimed at stealing banking details and personal information.
The scam email is sent by 'The WhatsApp Team' claiming "your subscription will be ending soon" and that in order to continue to use the service, you need to update your payment information. The email includes a link for victims to sign in to a customer portal and update their details.
Once complete, victims personal and financial details can be exploited by cyber criminals in multiple ways.
With over a billion WhatsApp users, the potential scale of this scam is significant. It’s likely to be quite effective too, especially as WhatsApp began as a paid subscription platform but has been free since 2016.
Users who once paid a subscription for the platform before may not think twice when they receive the email and click to renew.
What to do now
If you have fallen victim to this scam:
- Run an anti-virus scan immediately and remove any suspicious files.
- Change your WhatsApp login credentials.
- If necessary, take action to protect your financial information (such as contacting your bank).
- Report the scam to ACORN.
- Delete the email and do not reply to it.
- Share this alert with users of WhatsApp.
- Never click on email links requesting you to login to an ‘existing’ account. Instead navigate to the website and login from there.
- Use a spam filter to block deceptive messages from even reaching you.
- Understand that your financial institution and other large organisations (such as Amazon, PayPal, Google, Apple, Facebook and others) would never send you a link and ask you to enter your personal or financial details.
- Use safe behaviour online. Learn about how to use email safely and browse the web safely.
- Stay informed on the latest threats—sign up for the Stay Smart Online Alert Service. Often, you can also find information about the latest scams on the Australian Government’s Scamwatch website
Stay Smart Online has more information on steps you can take to protect yourself from phishing and what to do if you’ve been the victim of an online scam.
The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.