Warning: Don’t Share Your Screen! The Rise of WhatsApp Screen-Sharing Scams

Published Date: November 11, 2025
Category: ShadowOpsIntel
Share:

This scam is a fast-growing form of remote access fraud that manipulates WhatsApp users into revealing sensitive data by tricking them into sharing their phone screens during a video call. Cases have been reported globally, including in the United Kingdom, India, and Hong Kong, where one victim lost US$700,000 (HK$5.5 million). The scam relies on psychological manipulation rather than technical wizardry.

Severity: Moderate

How The Scam Unfolds

StepAction by ScammerGoal/Deception
1. The CallInitiates a WhatsApp video call from an unfamiliar numberMasquerades as a bank/service representative, WhatsApp/ Meta support agent, or friend/relative in distress. The video feed is often disabled, dark, or blurry to hide their identity.
2. The ProblemCreates a sense of urgency by claiming there is an issueFabrication of problems like an unauthorized credit card charge, an open session needing closure, a pending prize, or an account suspension risk.
3. Screen SharingRequests the victim to share their screenOstensibly to “assist remotely” and resolve the alleged issue. Victims may also be asked to install remote access apps like AnyDesk or TeamViewer.
4. Theft of Data & MoneyViews the victim’s screen in real-timeSteals incoming WhatsApp verification codes (allowing account takeover), passwords, 2FA codes, and OTPs. They may also capture screenshots, trick the victim into making bank transfers, or dupe them into installing malware (like keyloggers). The ultimate goal is to drain accounts and hijack social media to continue the scam, often targeting the victim’s relatives and friends.

The combination of trust (a video call from a trusted-sounding entity), urgency (a fabricated problem), and control (granted via screen sharing) gives criminals near-total visibility into the victim’s phone.

Recommendations

  1. Never share your screen with someone you do not personally know, especially during an unsolicited call.
  2. Hang up if an unknown caller claims to represent a bank or trusted entity, and contact the institution directly through a verified channel.
  3. Never share passwords, verification codes, or financial data over the phone. Legitimate companies will not ask for this via unsolicited calls.
  4. Avoid installing remote-access apps like AnyDesk or TeamViewer at the request of strangers, as these grant full control over your device.
  5. Verify alarming information independently. Do not act impulsively; instead, contact your bank or relative directly through another channel.
  6. Enable Two-Factor Authentication (2FA) in WhatsApp. This provides a second factor needed to access your account, even if cybercriminals get your login credentials.
  7. Ensure mobile operating systems and security software are up to date.
  8. Educate employees and users on identifying and reporting social engineering scams.
  9. Run simulated phishing/social engineering campaigns including impersonation via video calls.

Source:

Enjoyed reading this Threat Intelligence Advisory? Stay updated with our latest exclusive content by following us on Twitter and LinkedIn

No related posts found.

Ampcus Cyber
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

 Contact Us