HackOnChat WhatsApp Scam Targets Users With Fake Support Messages

By Ash K

A new WhatsApp scam known as HackOnChat is circulating rapidly across multiple regions. The operation relies on convincing social engineering tactics that trick users into handing over verification codes, personal information or control of their WhatsApp accounts. The scam has gained traction due to its realistic appearance and the use of fabricated support messages that imitate official WhatsApp communication.

How the Scam Works

HackOnChat scammers typically begin by contacting users through WhatsApp itself. They pose as WhatsApp Support representatives and claim that a security issue has been detected on the user's account. To resolve the supposed issue, the attackers instruct the victim to share a six-digit verification code that is sent by SMS.

Once the victim forwards this code, the scammers immediately use it to log in and take control of the account. With the account compromised, attackers often target the victim's contacts, requesting money or personal details while pretending to be the legitimate account owner.

Why HackOnChat Is Effective

Unlike traditional phishing campaigns that rely on malicious links or downloads, HackOnChat uses direct conversation and trust manipulation. The attackers craft their messages to sound urgent and authoritative. Many victims are deceived because the scam does not require any app installation or suspicious website visits. Everything occurs inside WhatsApp, creating a false sense of legitimacy.

Tactics and Techniques

Analysts tracking the HackOnChat operation have flagged several tactics and techniques that outline how the scam functions and spreads across global user bases.

  • Initial Contact: Direct WhatsApp message from fake support accounts pretending to conduct security checks
  • Social Engineering: Urgency-based language that pressures victims to respond immediately
  • Credential Harvesting: Requests for WhatsApp verification codes or backup PINs
  • Account Takeover: Attackers use the stolen code to log in and remove the victim's device from the session
  • Lateral Spread: Compromised accounts used to contact friends and family for fraudulent requests
  • Impersonation: Attackers maintain the victim's profile image and chat history to appear legitimate
  • Persistence: Attackers add security emails and phone numbers to lock victims out permanently

Impact on Victims

Many victims report losing access to their WhatsApp accounts for long periods. Some have suffered financial loss after contacts were manipulated into sending money or sensitive information. In regions where WhatsApp is widely used for business communication, the impact has included operational disruption and reputational damage.

Because the scam targets mobile identity verification, recovery can be difficult. Several cases indicate that attackers delete chat backups or modify authentication settings to prolong access.

Recommendations for Protection

Security specialists urge users to enable two-step verification inside WhatsApp. This adds a secondary PIN that is required before any account migration can occur. Users are also advised to avoid sharing verification codes with anyone, including contacts who appear familiar.

WhatsApp has reiterated that it never contacts users asking for verification codes, nor does it send messages through regular chats for account support. Any message that claims otherwise should be treated as fraudulent.
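
As an added illustration, not part of the original article or any WhatsApp tooling, the following triage heuristic checks inbound chat text for the three message traits listed under Tactics and Techniques: a support claim, urgency, and a request for a code or PIN. The regex wording and the `normalize` and `triage` names are assumptions, and the sample messages are constructed.

```python
import re
import unicodedata

# Patterns for the three traits in the tactics list. The wording is an
# assumption for illustration, not text captured from real scam messages.
SIGNALS = {
    "support_claim": re.compile(
        r"\bwhatsapp\s+(support|security|team)\b|\bofficial\s+support\b", re.I),
    "urgency": re.compile(
        r"\b(immediately|urgent(ly)?|right\s+now|suspended|deactivated"
        r"|within\s+\d+\s+(minutes?|hours?))\b", re.I),
    "code_request": re.compile(
        r"\b(send|share|forward|tell|reply\s+with)\b.{0,60}?"
        r"\b(verification\s+code|(six|\d)[\s-]*digit\s+code|sms\s+code"
        r"|backup\s+pin)\b", re.I | re.S),
}

def normalize(text: str) -> str:
    """Fold look-alike forms (NFKC) and drop invisible format characters,
    so zero-width or full-width tricks do not hide a keyword."""
    text = unicodedata.normalize("NFKC", text)
    return "".join(ch for ch in text if unicodedata.category(ch) != "Cf")

def triage(message: str) -> dict:
    text = normalize(message)
    hits = sorted(name for name, rx in SIGNALS.items() if rx.search(text))
    # A request for a code or PIN is blocked on its own, whoever sends it:
    # WhatsApp never asks for codes, and a familiar contact may be hijacked.
    verdict = ("block" if "code_request" in hits
               else "review" if len(hits) >= 2 else "allow")
    return {"verdict": verdict, "signals": hits}

# Constructed sample messages, not real captures.
SAMPLES = [
    "WhatsApp Support: a security issue was detected on your account. "
    "Share the 6-digit code we sent by SMS immediately.",
    "Hey, it's me on a new phone. Can you forward the verification code "
    "you just received?",
    "WhatsApp Security team: your account will be deactivated right now "
    "unless you respond.",
    "Your order has shipped and will arrive within 2 hours.",
    "Please send the veri\u200bfication code from the SMS.",
]

if __name__ == "__main__":
    for msg in SAMPLES:
        print(triage(msg), "|", msg)
```

Keyword heuristics like this miss rephrased or translated lures, so they complement two-step verification and user awareness rather than replace them.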

Conclusion

The HackOnChat scam highlights the growing threat of social engineering attacks across messaging platforms. As attackers shift towards manipulation rather than malware, users must remain cautious and verify any unexpected requests. Proactive security settings and awareness remain the most effective defences against this rising wave of account takeover campaigns.

Ash K
Ashton is a seasoned cybersecurity professional with over 25 years of experience in cybersecurity research, cybersecurity incident response, products and security solutions architecture.