Kaspersky warns: WhatsApp screen sharing scam circulating in Europe could be implemented in Brazil

Kaspersky has warned about a new scam circulating in European countries that could be replicated in Brazil. Dubbed the "screen mirroring scam", the attack causes victims to share their phone screen during video calls, allowing criminals to capture verification codes, passwords, and other sensitive information. See below for more details about the scam and how to protect yourself.

This new scam has not yet been observed in Brazil, but has the potential to reach the country, as Brazilian criminals often quickly adapt frauds that work in other regions and WhatsApp is very popular locally. “This modus operandi has already been recorded in European countries, such as Portugal, and since social engineering techniques are easily replicable, it is important that Brazilian users remain vigilant and know how to identify this type of fraud attempt,”, explica stated Fabio Assolini, director of the Kaspersky Global Research and Analysis Team for Latin America.

The scam typically begins with a call from someone posing as a bank representative, service provider, or even a known contact – a classic example of social engineering. During the call, the criminal creates a sense of urgency and requests that the victim share their screen to “verify” or “fix” a supposed problem, simulating technical support.
 

Example showing the screen sharing option during a video call

Upon accepting, the victim exposes confidential data displayed on their phone, such as authentication codes, passwords, and notifications from financial apps. Taking advantage of the screen view, the criminal may attempt to activate WhatsApp on another device: when registering the victim's number, WhatsApp sends a verification code (OTP) to the phone – a code the fraudster can see in the notification and use to take over the account. Consequently, the scammers begin sending messages on behalf of the victim, asking contacts for money and expanding the reach of the fraud.

Criminals often act quickly: after obtaining the information, they attempt to finalize transfers, change passwords, or block the victim's access to their own accounts before the problem is detected.

“Although it is not a new feature (launched in August 2023), the screen sharing feature on WhatsApp is little known and used. Indeed, this is the first time we have seen social engineering attacks abusing this feature. While it is useful in situations where people need technical assistance, the feature has malicious potential if shared with strangers. Although it does not allow remote operation and control of the device, this feature is sufficient for fraudsters to see passwords, usernames, and other important data that can, combined with social engineering, lead victims to facilitate the scammers” actions,", explica stated Fabio Assolini.

Meta recently announced new tools to protect WhatsApp and Messenger users from potential scams. Among the new features, WhatsApp will now display warnings when someone attempts to share their screen with an unknown contact during a video call, helping to prevent the leakage of confidential information, such as banking details or verification codes.

To protect yourself from this scam, Kaspersky recommends:

• Enable “Silence Unknown Callers” on WhatsApp: Go to Settings > Privacy > Calls and enable the option. Calls from unknown numbers will be silenced and logged in the history, but will not ring the phone.
• Never share your phone screen with strangers, even during video calls.
• Be wary of unexpected calls: legitimate banks and companies do not request codes or screen sharing.
• Do not provide verification codes (OTPs), PINs, or passwords to third parties.
• Avoid using financial apps on vulnerable devices, such as outdated smartphones or those without security updates.
• Enable two-factor authentication (2FA) on all financial and messaging applications.
• Use security tools, such as Kaspersky Who Calls, to identify and block calls from suspicious numbers.