Smishing and Social Media : how Scammers are Leveraging Platforms like WhatsApp

By: Vanna karthik; Vel Tech University, Chennai, India

Abstract

Digital society has experienced a transformation through the development of social media and messaging platforms in the modern age. Technological progress has created new potential vulnerabilities cyber attackers use to harm unsuspicious users. The trend of using Physics through mobile text messages called Smishing has increased rapidly because scammers frequently exploit WhatsApp and other messaging applications. This article examines the escalating danger of smishing and identifies how cyber attackers exploit social networks and provides users with protection strategies against these damaging intrusions.

Introduction

Users now enjoy the fastest and most convenient communication capabilities because smartphones and messaging apps have expanded in massive numbers. WhatsApp stands as an essential platform for personal and professional use because it now serves over 2 billion users across the globe[1]. The massive expansion of these platforms has turned into an opportunity for cybercriminals to execute fraudulent behaviors through the system. The combination of text messaging (SMS) and phishing techniques yields “smishing” which forces recipients to drop their security measures by offering deception up to illicit data retrieval or dangerous software download. Social media features added to messaging apps enabled evildoers to create sophisticated smishing attacks which remain difficult to spot by victims.

How Smishing Works on Platforms Like WhatsApp

The typical communication method used by smishers within WhatsApp and similar platforms includes a carefully designed sequence with psychological manipulation goals. The threat actors trick victims by pretending to represent dependable organizations which include financial institutions or governmental departments as well as individuals the victim already trusts. The following are some of the primary strategies used by scammers to carry out their smishing attacks:

1. Impersonation of Trusted Contacts: After gaining access to authentic accounts, scammers send messages that appear to be coming from a reliable source. These letters usually include requests for private information together with urgent demands for money transfers[2].

2. False Offers and Promotions: The messages make scenarios to convince recipients that they have won a prize or are eligible for exclusive, time-limited offers. These messages typically trick people by clicking on links to fake sites or downloading harmful malware[3].

3. Account Verification Scams: An illegal message alerts users that WhatsApp wants them to verify their account through a link or it will deactivate their account. User accounts end up being exposed due to links that lead users to credential-stealing websites[2].

4. Charity and Emergency Scams: The scammers use emotional blackmail to trick people into believing their demands for sending donations toward nonexistent charity organizations or believing their loved one faces immediate financial hardship.

WhatsApp functions as a primary platform for such cyberattacks.

The privacy-protecting end-to-end encryption implemented by WhatsApp hinders law enforcement from detecting unlawful activities because authorities cannot access the messages. Scammers find the platform appealing because it operates worldwide, and users find it easy to use. The fraudulent capability to reach multiple users through WhatsApp features such as group chats and broadcast lists leads to greater attack effectiveness[4]. Unrestrained new account verification enables scammers to easily establish false profiles and abandon them afterward.

The Impact of Smishing[5]

The negative consequences of being caught in a smishing attack are extremely damaging. When people fall prey to smishing this leads to economic damage and unauthorized access to their personal information and bank accounts. The installation of malware through a smishing attack permits attackers to gain full control of a device that results in scammers receiving access to all data and photos along with contacts. Smishing produces two major side effects along with direct damage; it damages trust in digital communication systems which leads users to distrust approved messages and available offers.

How to Protect Yourself from Smishing

Users can protect themselves from smishing attacks through several defensive measures despite the increasing sophistication of these tactics.

1. Always verify the identity of your sender because urgent requests combined with amazing offers which seem implausible must be double checked.

2. Steer clear of all suspicious links as well as any unknown or untrustworthy source downloads.

3. Regular implementation of Two-Factor Authentication (2FA) provides additional defensive measures for protecting your accounts from unauthorized access when credentials become known to unauthorized parties.

4. Users can protect themselves through the ability to report and block suspicious accounts that exist in most messaging systems, including WhatsApp. Using this method allows users to stop the spread of smishing attacks.

5. Learning about current smishing strategies should become a priority since it helps you protect yourself alongside others who need to understand these threats.

Conclusion

The techniques used by cybercriminals follow the modifications of social media and messaging platforms. People must remain constantly alert about cybersecurity threats because smishing attacks have become a serious issue on WhatsApp and other messaging platforms. Users who build their knowledge about these scams along with activating protective steps will be able to safeguard themselves while benefiting from these powerful communication platforms. The advancement of technology requires platform providers and law enforcement agencies and users to collaborate against the expanding smishing threat to deliver security across online platforms.

References

1. “AJSMR_Inobemhe_Santas_2021-libre.pdf.” Accessed: Feb. 13, 2025. [Online].
2. D. N. Njuguna, J. Kamau, and D. Kaburu, “A Review of Smishing Attaks Mitigation Strategies,” Int. J. Comput. Inf. Technol.-0764, vol. 11, no. 1, Mar. 2022, doi: 10.24203/ijcit.v11i1.201.
3. M. K. Mehmood, H. Arshad, M. Alawida, and A. Mehmood, “Enhancing Smishing Detection: A Deep Learning Approach for Improved Accuracy and Reduced False Positives,” IEEE Access, vol. 12, pp. 137176–137193, 2024, doi: 10.1109/ACCESS.2024.3463871.
4. Dr Giddeon Njamngang Angafor, “Social media security: the impact of AI-generated Whatsapp scams on the security and privacy of Whatsapp community groups,” Comput. Sci. IT Res. J., vol. 6, no. 1, pp. 1–20, Jan. 2025, doi: 10.51594/csitrj.v6i1.1793.
5. M. N. B. Haizam and N. H. B. N. Zulkipli, “Analysing The Impact of Smishing Attack in Public Announcement System on Mobile Phone,” Procedia Comput. Sci., vol. 245, pp. 1165–1174, 2024, doi: 10.1016/j.procs.2024.10.346.
6. Rahaman, M., Lin, C. Y., Pappachan, P., Gupta, B. B., & Hsu, C. H. (2024). Privacy-centric AI and IoT solutions for smart rural farm monitoring and control. Sensors, 24(13), 4157.
7. Lu, Y., Guo, Y., Liu, R. W., Chui, K. T., & Gupta, B. B. (2022). GradDT: Gradient-guided despeckling transformer for industrial imaging sensors. IEEE Transactions on Industrial Informatics, 19(2), 2238-2248.
8. Sedik, A., Maleh, Y., El Banby, G. M., Khalaf, A. A., Abd El-Samie, F. E., Gupta, B. B., … & Abd El-Latif, A. A. (2022). AI-enabled digital forgery analysis and crucial interactions monitoring in smart communities. Technological Forecasting and Social Change, 177, 121555.
9. Cajes N. (2025) AI and Machine Learning in Phishing Detection: Using Ensemble Methods for Improved Accuracy, Insights2Techinfo, pp.1

Cite As

Karthik V. (2025) Smishing and Social Media : how Scammers are Leveraging Platforms like WhatsAppative AI and Phishing : How Chatbots are Being Weaponized, Insights2techinfo pp.1

848900cookie-checkSmishing and Social Media : how Scammers are Leveraging Platforms like WhatsAppyes