COLOMBO, July 30, 2025
Sri Lanka is experiencing a significant increase in cybercrime, with a notable rise in WhatsApp scams targeting individuals across the nation. The surge in fraudulent activities has raised concerns among citizens and authorities alike.
Prevalence of WhatsApp Scams
Investigations have revealed that scammers are employing various tactics to deceive users into revealing their WhatsApp One-Time Password (OTP) numbers. Once obtained, these credentials grant unauthorized access to victims’ accounts, leading to potential financial losses and privacy breaches.
Methods Employed by Fraudsters
Cybercriminals are utilizing several strategies to execute these scams:
- Impersonation of Trusted Contacts: Attackers often pose as familiar contacts or professionals, inviting victims to join online meetings. During these interactions, they request the OTP, claiming it’s necessary for meeting access. Once the victim shares the code, the hacker gains control of the WhatsApp account.
- Manipulation of Call Forwarding Settings: Scammers trick users into dialing specific codes that reroute their calls to the attacker’s number. This allows the hacker to intercept verification calls and gain access to the victim’s WhatsApp account.
- Malicious Software Distribution: Fraudsters distribute malware disguised as legitimate apps or links. Once installed, this software monitors WhatsApp messages, contacts, and activities, compromising user privacy.
Exploitation of Victims’ Identities
After gaining control of a victim’s WhatsApp account, hackers exploit the individual’s identity to solicit money from their contacts. For instance, they may request funds under the guise of emergencies or business transactions, leading to financial losses for the victim’s acquaintances.
Preventive Measures
Authorities and cybersecurity experts advise the public to take the following precautions to protect themselves from WhatsApp scams:
- Do Not Share OTPs: Legitimate services will never ask for your One-Time Password. Refrain from sharing this information with anyone.
- Enable Two-Step Verification: Activating this feature adds an extra layer of security to your account.
- Verify Unexpected Requests: If you receive unexpected requests for money or sensitive information, confirm the identity of the requester through a separate communication channel.
- Report Suspicious Activities: Notify the Sri Lanka Computer Emergency Readiness Team (SLCERT) or the police cybercrimes division if you encounter suspicious activities.
- Avoid Unofficial Apps: Download applications only from official app stores to minimize the risk of installing malicious software.
- Regularly Update Your Device: Keeping your operating system and apps updated ensures you benefit from the latest security patches.
Conclusion
The rise in WhatsApp scams in Sri Lanka underscores the need for heightened awareness and vigilance in the digital realm. By adopting recommended security practices and staying informed about potential threats, individuals can better protect themselves from falling victim to cybercrimes.
For more information on cybersecurity and to report incidents, visit the Sri Lanka Computer Emergency Readiness Team (SLCERT) website or contact local law enforcement agencies.
Leave a comment