The Indian Cybercrime Coordination Centre (I4C), which operates under the Ministry of Home Affairs, has issued a strong warning after identifying a new online scam in which criminals are taking control of WhatsApp accounts by offering users quick money to carry out a seemingly harmless task.
The modus operandi is simple but the outcomes are impacting people globally. The scammers are convincing people to scan WhatsApp Web QR codes that secretly grant them access to the user’s account.
According to the official advisory, “such accounts are effectively being rented out as mule WhatsApp accounts which may subsequently be used for illegal activities such as fraud.”
The advisory document highlights how the trend has developed into a transnational cybercrime tactic, with fraudsters based outside India using compromised Indian accounts to conceal their identity.
How the scam works
The scam typically begins with social media advertisements or messages that promise easy income. These often appear as online jobs or simple digital tasks that require users to scan a WhatsApp Web QR code displayed on a website or app controlled by scammers.
Once the code is scanned, the fraudster becomes an authorised device on the victim’s WhatsApp. This gives them the ability to read messages, send messages, impersonate the user and view their contacts. Many victims remain unaware of the breach because the takeover happens quietly in the background.
The advisory notes, “the misuse: use of mule WhatsApp accounts … to scale scams (phishing, payment fraud, recruitment for further mule services).” Once compromised, the account is used to circulate fraudulent links, approach contacts for money and lure fresh victims into the same scam. Because the communication appears to come from a known number, the messages carry an automatic sense of trust, making them far more effective.
The I4C also states that scammers sometimes redirect people to suspicious websites or unofficial APKs that facilitate the linking process. Users believe they are completing a small task for quick payment, but are in fact giving criminals full control of their WhatsApp identity.
What users need to be careful about
The advisory urges users to treat any request involving a WhatsApp QR code with caution, especially if money is involved. It advises the public to check the “Linked Devices” section inside WhatsApp regularly and to immediately log out of any unfamiliar sessions. Two-step verification should also be enabled to stop unauthorised access.
The I4C is explicit in its guidance: “Users are advised to avoid being part of any scheme which involves renting or linking of their WhatsApp account in return for monetary gain.”
The advisory stresses that a WhatsApp account carries personal identity, trust and credibility. A single careless action, such as scanning a QR code sent by a stranger, can hand that identity to criminals.
The cyber crime coordination centre makes it clear that users must never link, rent or share their WhatsApp accounts under any circumstances, regardless of how genuine or harmless an offer may appear.
What citizens are being told by the I4C is simple -Your WhatsApp account represents your identity, and handing it over for a quick earning offer can expose your entire network to fraud. Staying cautious online is no longer optional; it is essential.
-
Leave wheat bread, just eat bread made from this flour for one month, fat will melt like butter.. – News Himachali News Himachali
-
Today’s Number Astrology 1 December 2025: On the first day of the month, there will be a change in the lives of people with these 3 numbers, they will meet an old friend.
-
Incredible moment HIGNFY star skewers Rachel Reeves with her own words
-
Meghan Markle shares similar skill to Kate as she marks friend's special moment online
-
Incredible city with Africa's 'coolest' street and pretty beaches
