Suspicious WhatsApp Verification-Code Request – Potential Account Takeover Attempt

Summary of the Incident

I received a WhatsApp message from the above number claiming to be an acquaintance and stating they were competing for a place in an online training program.

They stated that I would receive a 5-digit code via WhatsApp or SMS and asked me to forward it to them so they could “send it to their sponsor.”

The code did arrive, but I did not provide it. I responded neutrally to avoid tipping off the sender. The request pattern matches a verification-code social engineering attempt, where attackers attempt to gain unauthorized access to WhatsApp or Telegram accounts.

While this cannot be confirmed as fraud, the behaviour is highly suspicious and consistent with known account-hijacking techniques.

Conversation Details

Tactics observed:

Impersonation: Pretended to know me
Urgency: Pressed repeatedly for the code
Ambiguity: Claimed the code was for voting/sponsorship
Persistence: Asked multiple times even after I avoided providing the code

My response:

Did not provide the received code
Maintained neutral, non-committal replies, such as:
- “I haven’t received it yet.”
- “I’m not very good with tech, so I’m not sure what to do.”
Avoided confrontation, accusations, or revealing awareness of the scam

Evidence Attached

Screenshots of the WhatsApp conversation
Timestamped messages showing persistent requests

Observations & Advice

The 5-digit code request matches patterns of verification-code hijacking.
Users should never forward one-time verification codes to anyone.
Keep replies neutral if responding; avoid provocation or claiming you know it’s a scam.
Scammers often move quickly if a target refuses or blocks them, so document and report rather than engage aggressively.

Suggested Actions for Others

Do not share verification codes under any circumstances.
Forward suspicious messages to tools like Bitdefender’s Scamio WhatsApp bot for analysis.
Report suspicious numbers to WhatsApp abuse (abuse@WhatsApp .com) and local cybercrime authorities.
Inform close contacts to prevent accidental victimization.

Conclusion

Although this case cannot be confirmed as fraud, the behaviour is consistent with high-risk social engineering attempts targeting WhatsApp/Telegram accounts.

The goal of this report is to raise awareness, document suspicious activity, and provide guidance on how to respond safely without tipping off potential attackers.

Posted by: Joshua Steenkamp
Role: Cybersecurity analyst (personal capacity)
Location: South Africa

***Screenshots edited by @Gjoksi

Sharing your phone number on a public forum is a bad, bad idea.

Find more posts tagged with

phishing attempt

account hacking

scam alert

social engineering

whatsappscams

Comments

Bonfire9911

Thanks for sharing the info! It definitely looks like a scam:

https://www.bitdefender.com/en-us/blog/hotforsecurity/received-a-whatsapp-verification-code-without-requesting-it-beware-you-might-be-about-to-have-your-account-stolen

You may want to redact your phone number in the 2nd image, though, if updating the post is possible.

Alexandru_BD

Thanks for sharing, that's 100% a scam. I like this part: document and report rather than engage aggressively. 😉

I reported the number to be added for the Call Blocking feature on BMS for Android. It has been classified as unsafe and blocked globally.

Your contribution is highly appreciated. 👍️

LofiWare_Founder

Thanks @Bonfire9911 @Gjoksi I completely missed that one. Very much appreciated. 🙇🏻‍♂️

https://community.bitdefender.com/en/discussion/comment/359631#Comment_359631