Source: OT-Team(G)
Recently, some users reported receiving text messages claiming to be from the "WhatsApp Security Center".
近日,有网友反映收到一条以"WhatsApp安全监测/安全验证"为名的短信。
The message warned:
"Security reminder: Due to frequent network switching or inconsistent local IP addresses, your account has been flagged as a potential security risk. Please visit the Security Center for verification immediately. Otherwise, communication functions will be disabled within 12 hours."
信息内容称:
"安全中心提醒您:由于您频繁切换网络或本地网络IP不一致,系统检测到您的账号存在潜在安全风险。为确保账号正常使用,请立即前往安全中心进行安全防护验证,否则12小时后系统将启用通讯禁用功能。"
At first glance, the message appears official — but it's actually a well-crafted phishing scam. Fortunately, one cautious user decided to verify it online before taking any action and discovered that many others had received similar messages and fallen victim to the same trick.
1. What Happens If You Click "Verify"?
一、点击"验证"后会发生什么?
According to a victim's account:
一位受害网友分享了自己的经历:
"The scammer first tells you your account is at risk and may be locked. The link looks like an official WhatsApp site, but the writing is slightly off. Once you click, it asks you to choose your device (iPhone/Android), creating a fake 'system verification' illusion. Then it instructs you to 'link a new device,' effectively allowing the scammer to log in to your account from their computer. From there, they can impersonate you, access your contacts, and communicate with your clients."
"对方声称我的账号存在风险,需要立即解除限制,否则会被封禁。短信链接看似来自WhatsApp官方,但仔细观察能发现语句存在问题。点击链接后会要求选择手机型号(iPhone/Android),页面跳转极快,营造出'系统自动验证'的假象。接着会出现操作指示,实则是在引导我'关联新设备',允许对方在其他终端登录我的账号。这样一来,对方即可冒充我与客户沟通、查看联系人信息,甚至继续实施诈骗。"
If the victim hesitates, the scammer sends repeated warnings, threatening permanent account suspension to pressure compliance.
如果用户未及时操作,对方还会不断发送"账号将被永久封禁"等恐吓信息,迫使受害者上钩。
2. How Do Scammers Exploit a Stolen Account?
二、账号被盗后骗子如何行骗?
A foreign trade professional shared that once scammers gain access, they typically:
一位外贸从业者透露,骗子通常会:
(1) Review recent chats to locate pending business deals;
(4) Spam multiple contacts, leading to the account being flagged and banned by WhatsApp.
(4) 群发诈骗信息,导致账号被平台封禁。
3. Why Victims Often Don't Notice
三、为何受害者察觉不到异常?
WhatsApp provides two delete options:
WhatsApp有两种消息删除方式:
(1) "Delete for everyone" — leaves a visible trace ("You deleted this message").
(1)"在所有人设备上删除":聊天记录中会显示"你已删除此消息";
(2) "Delete for me" — removes the message from both the phone and linked device with no visible trace.
(2)"仅为我删除":可同时清除手机端和电脑端内容,不留任何痕迹。
Scammers exploit the second option by deleting messages immediately after sending them, leaving no chat history for the real account owner. In some cases, they even alter payment QR codes by replacing them with their own, making detection nearly impossible.
骗子利用这一机制,在冒充用户与客户对话时,边发消息边删除,使受害者无法看到任何异常记录。同时,他们会删除真实的收款二维码并替换为自己的收款码,极具隐蔽性。
4. How to Check If Your Account Is Compromised
四、如何检查账号是否被盗?
Go to:
可在WhatsApp中依次操作:
Settings → Linked Devices → Tap on the listed device → Log out.
设置 → 已关联的设备 → 点击设备 → 退出登录。
If you find an unfamiliar device, log out immediately and reset your account password.
若发现不明设备,应立即退出并修改密码。
5. What to Do If Your Account Has Been Hacked
五、账号被盗后的应对措施
(1) Report and recover through WhatsApp's official Help Center, including your phone number and email. Recovery usually takes about 24 hours.
(1) 立即申诉找回账号:
通过WhatsApp官方网站的帮助中心提交申诉,说明情况并附上绑定手机号和邮箱,一般24小时内可恢复。
(2) 开启两步验证:
登录后进入"账户设置—两步验证",设置PIN码并绑定邮箱。
(3) Enhance privacy settings: enable login alerts, and restrict visibility of your photo, status, and last seen to "Contacts only."
(3) 加强隐私防护:
开启新设备登录提醒,将头像、状态、最后在线时间设置为"仅联系人可见"。
(4) 及时通知联系人:
警告客户与好友,防止进一步受骗。
Whether on WhatsApp or any other messaging platform, users should remain calm and skeptical of any message claiming "security verification" or "account risk." Never click unknown links or share personal data.
无论是在WhatsApp,还是其他社交平台上,若收到类似"安全验证"或"账号风险"提示信息,一定要保持冷静,切勿轻易点击链接或输入个人信息。
In today's world of increasingly sophisticated online scams, vigilance and verification remain your best defense.
No comments:
Post a Comment