Following closely on the heels of the introduction of new tools designed to provide safety enhancements to WhatsApp users, Meta has announced that it has taken 6.8 million scam accounts off the platform in the first half of 2025.
Meta says that the platform scammers it has uncovered and booted from WhatsApp are a mix of crypto fraud, pyramid schemes and pay-for-engagement rings among other schemes. Scam accounts are often formerly legitimate accounts that were taken over by hackers, who then leverage contact lists as an added layer of legitimacy; some of the new safety measures involve automated protections against known tactics of this type, such as attempting to add targets to a new and unfamiliar group chat.
Cleanup of scam accounts focused heavily on organized cyber crime rings
Meta says that many of the scam accounts it took out are the work of large organized cyber crime rings located primarily in Southeast Asian countries such as Cambodia, Myanmar and Thailand. These operations are sometimes fed by forced labor, with participants initially misled about the nature and terms of the job and then threatened once they begin working.
These large organizations often run a broad variety of different types of scams at once, and the scam accounts are not limited to WhatsApp. The perpetrators typically add layers to scams by also making use of Telegram and TikTok accounts, direct SMS messaging and text and content generated by ChatGPT. One popular approach on WhatsApp is to attempt to add a user to a group chat allegedly dedicated to investment opportunities and/or crypto trading where they will be “recommended” scam products that require an upfront payment.
The scam accounts are also involved with pay-for-engagement rings that offer payments for “likes” on posts and TikTok video content, and this is sometimes a means of building trust with a job-seeking victim before then hitting them with a crypto investment scam. Targets will first be recruited to get paid for leaving likes, which they may legitimately be paid some small amount of money for, before they are “promoted” to some sort of crypto project that requires them to invest money up front.
Other WhatsApp scam accounts engage in “classic” and more straightforward scam attempts: they try to recruit targets into pyramid schemes, or initiate a romance scam, or offer a fraudulent job opportunity that is really an attempt to steal personal information. These types of scams are often initiated off the platform via a direct SMS message or contact on a dating app, before the victim is directed to engage with the WhatsApp scam accounts as the next step.
Social media fraud has quietly become a hot criminal enterprise
Among the new protective moves that WhatsApp is making are a new “safety overview” bar that pops up when one is added to a previously unknown group, and warnings during messaging with people not in the existing contact list that provide greater context and safety reminders. Notifications for any new and unfamiliar groups that users are added to will also stay silent until the user chooses to opt in to them. The company is also promoting a “pause, question, and verify” campaign that urges users to take time to review messages that include claims of urgency or that promote some seemingly lucrative financial opportunity.
While AI and ransomware tend to grab the gaudy headlines, social media fraud has quietly moved to the top of cybercrime charts. The FTC reports a massive spike during the Covid-19 pandemic, when losses shot into the high hundreds of millions of dollars annually. What was only a $42 million problem annually in 2017 is now over $1 billion less than 10 years later. One of the big reasons for this spike is that scammers successfully adjusted approaches that used to be reserved for targeting of senior citizens, and have now made the 18-to-40 age bracket the group that is most frequently victimized. The amount lost to fraud per incident is also growing, with recent FTC stats showing that the amount of fraud victims remained relatively stable from 2023 to 2025 but that social media fraud losses spiked from about $770 million to about $1.9 billion during that time.
The recent surge can likely be attributed in large part to AI tools. Scammers are now much more readily able to generate custom fake photos and video that are good enough to pass, simulate voices with deepfake audio, and quickly polish up their text messages in languages that are not as familiar to them. Scammers are also becoming more sophisticated about leveraging the contents of massive data breaches to take over the accounts of those that fail to change their login credentials and/or implement solid MFA, and then subsequently using their contact lists and history on the platform to develop tailored approaches packed with details that enhance authenticity.
In addition to the scam types mentioned above, other popular methods include fake giveaways or contests and sometimes links to entire bogus storefronts that will simply keep payments and never send a product. Scam accounts will often promote these with unbelievably good offers that are for a very limited amount of time in order to increase pressure to act impulsively and fail to analyze messages carefully.
