How to avoid scams on WhatsApp when sharing your screen

  • The scam exploits urgency and the use of screen sharing to capture codes and take over accounts, with global reach and serious cases.
  • Clear signs: unknown number, camera off, urgency to act, request to install remote apps or to share screen.
  • Key protections: do not share your screen, do not give out codes, verify through official channels, and enable two-step verification.
  • WhatsApp now displays warnings when sharing your screen with strangers, and Messenger alerts you to potential scams in new chats.
Alberto Navarro

11 minutes

Security in WhatsApp when sharing screen

WhatsApp is now an everyday tool for millions of people and businesses, and since it added the screen sharing option for video calls, its usefulness has skyrocketed; but that same feature has become a favorite lure for many scammers because it exploits the Most vulnerable side: trust and the human factor.

In recent months, cybersecurity firms like ESET and specialized media outlets have warned of a global surge in this type of scam: victims have been detected in the UK, India, Brazil, and Hong Kong, and platforms such as Meta They announced that in just one month they eliminated more than 6,8 million accounts linked to fraud networks; in Spain, the Ministry of the Interior registered 211.861 cases of cyber fraud in the first half of 2025, with a a spike that demonstrates the escalating crime.

WhatsApp video call scam
Related article:
New WhatsApp scam alert: accounts stolen via video call and Bizum requested

How the screen sharing scam works

How scammers operate in video calls

This scam doesn't require sophisticated techniques: it relies on well-scripted social engineering. The criminals create a sense of urgency, feign professionalism, and get the victim to share what no one should see: their screen. From there, control can change hands in a matter of minutes. minutes if the instructions are not cut off in time.

  1. First contact: a video call or WhatsApp call from an unknown number. They impersonate bank staff, Meta/WhatsApp support, a service company, or even a relative in distress; they often use fake local numbers and keep the camera off or blurred to appear more credible and minimize questions—a staged performance that works because proximity and appearance of legitimacy.

  2. Creating a sense of urgency: they allege unauthorized charges, suspicious activity, awards to be verified, or imminent account blocks. With fear triggered, the victim lowers their guard and follows steps they would normally reject—a classic reaction to a scam. alarmist message demanding immediate action.

  3. The technical "favor": they request screen sharing to "help" with the supposed problem. In more aggressive variations, they ask to install remote access utilities like AnyDesk or TeamViewer to "provide support," opening the door to total control of the device and multiplying the risk of exposure of sensitive data in real time.

  4. Capture of codes and data: By viewing the live screen, they force the sending of the verification code from WhatsApp or other apps; this SMS appears at the top and remains visible. With this piece of information, combined with what you read and type, they can take over your account, view notifications and emails, or guide you to open your online banking—a move that gives them access to... passwords, PINs and two-factor authentication.

  5. Theft and escalation: Once they have control, they empty accounts, steal your identity, and contact your friends or family to ask for money. The damage spreads quickly: in addition to the financial losses, they compromise social media profiles or email accounts, turning the victim into a pawn in further scams—a chain that's difficult to break without action. speed and a cool head.

A key detail is the screen-sharing button itself during the video call: in WhatsApp, it appears as a mobile phone icon with an arrow pointing to the screen. Knowing what it looks like and understanding that it shouldn't be pressed under pressure helps to block the attack from the outset, because the attacker doesn't need to touch your phone to... See everything that happens in your session and what you type.

To reinforce the illusion, many scammers replicate the names and images of banks or services, create fake "help" profiles, and even make calls from different numbers. The important thing is not to let the theatrics outweigh caution: if someone needs you to share your screen to "verify" something, it's a red flag. unequivocally states that you must hang up and verify through official channels..

Real cases and global reach of fraud

Real cases of screen sharing scams

Data shared by experts and authorities shows that the problem transcends borders. ESET has documented victims in countries such as the United Kingdom, India, Brazil, and Hong Kong, confirming that the technique is being replicated with local variations but with a very similar script: phone call, urgency, screen sharing, code capture, and misappropriation of accounts or money.

Examples abound. In Brazil, a widely shared case in online forums detailed how a user's mother fell for a scam after receiving a call from a supposed friend—whose account had been compromised. She agreed to share her screen and access her online banking; her balance vanished, and she also lost control of her WhatsApp and Gmail accounts. This story aligns with what cybersecurity agencies have been warning about: the "trust" placed in a known contact is the perfect leverage for cybercriminals. defuse the initial suspicion.

In Hong Kong, the loss was in the millions: $5,5 million. The excuse was support for processing a service cancellation; the sequence was identical. With the shared screen, the attacker saw passwords and verification codes and managed to divert the funds. These examples demonstrate that it's not necessary sophisticated malware To wreak havoc, all you need is a good social engineering script and a victim. willing to trust for a few minutes.

There is also an institutional alert. In Spain, INCIBE published specific warnings about these tactics, highlighting the psychological component and the normalization of screen sharing in work or family environments. For its part, the Ministry of the Interior reported 211.861 cases of cyber fraud between January and June 2025, a 0,6% year-on-year increase, a figure that underscores the need to internalize habits of caution and... denounceBecause Without a report, there is no traceability of the crime..

Meta explained that, as part of its global anti-fraud campaign—with a special focus on seniors—it has deactivated millions of accounts associated with scam hubs and collaborates with OSINT firms like Graphika. According to its research, nearly eight million Facebook and Instagram accounts linked to these scams have been suspended so far this year. fraudulent activitiesfrom bogus remodeling or debt relief services to impersonation of airline or bank customer service representatives.

The economic impact is devastating for vulnerable groups: the FBI estimated that in 2024, people over 60 lost more than $4.800 billion to fraud. Criminals create pressure and a sense of urgency, and seek out conversations outside of official channels. In the case of WhatsApp, some even record video calls to capture keystrokes and screenshots, and from there they fabricate requests for transfers or forwarding of codes. Therefore, when faced with unexpected messages or calls, think twice before clicking, entering a PIN, or... accept to share the mobile screen.

How to protect yourself and what to do if it happens to you

How to prevent scams on WhatsApp

The good news is that there are simple measures that largely mitigate this risk. The main one: Do not share your screen with strangers Nor with supposed “agents” who contact you without your consent. If the call raises any doubts, hang up and call the company through its official channels. To put it simply: urgent matters rarely require someone to look inside your phone, much less type in passwords or verification codes in view.

Warning signs you shouldn't ignore

  • Artificial urgency: they ask you to act immediately to “avoid a blockage” or “stop a charge.” This rush is part of the script to prevent you from verifying anything; when you feel pressured to say “yes” quickly, it’s time to stop and verify on your own.

  • Suspicious identity: an unknown number, a profile that impersonates your bank or WhatsApp/Meta support, or the camera is off during the video call. Any of these signs warrants verification with official sources before proceeding, because scammers... They easily nail logos and names..

  • Requests to share your screen or install remote apps: If they ask you to enable screen sharing or download AnyDesk/TeamViewer "to help you," hang up. These are legitimate tools, but in the wrong hands they provide unauthorized access. You must not grant it to anyone.

  • Suspicious links and forms: messages with links to supposed verifications or unofficial support pages. Look for typos, altered URLs, or strange text; the wording sometimes gives away the scam, and as a matter of policy, reputable companies... They don't ask for codes via chat or email..

Good practices that should be adopted now

  • Don't share your screen except with people you trust completely and in controlled environments. On WhatsApp, if someone insists you turn it on to "check a problem," end the call and contact the company yourself. This simple decision eliminates 90% of the need for screen sharing. social engineering-based attack chain.

  • Never give out passwords, PINs, verification codes, or sensitive information over the phone, chat, or video call. No bank, government agency, or WhatsApp will ever ask for this information spontaneously; if they do, it's a scam. clear sign of scam.

  • Avoid installing remote access apps when asked to do so by a third party. If you use them at work, ensure it's under clear policies and with IT oversight. In a personal setting, it's like opening a door that... you won't be able to close on time.

  • Check official channels: If a company contacts you via WhatsApp, verify their contact information on their official website or app. Avoid posting complaints with personal information in public forums: scammers target victims in the comments, impersonate "support," and redirect you to scams. private chats to attract you.

New Meta protections in WhatsApp and Messenger

Meta is deploying notifications within WhatsApp that pop up when you try to share your screen with an unknown contact during a video call. The goal is to give you context just in time: reminding you that the other person will see everything, including codes and notifications, and suggesting that you only share with those you know. truly trust.

In Messenger, the company is testing automated warnings in chats with new contacts when it detects typical fraud patterns, and offers to send recent messages to AI systems to review for signs of fraud. Additionally, it is promoting passkeys for logging in with device biometrics or PINs on Facebook, Messenger, and WhatsApp, which reduces the value of stolen credentials in attacks. Phishing and impersonation.

Another recommendation from the manufacturer: always use the official helpline or the company's website for support; avoid links in emails or text messages, and be wary of responses from supposed agents who contact you after a comment on social media. Scammers look for opportunities to "help" you and, from there, push you into... share your screen and your data.

If you've already fallen: immediate steps

  • Take a breath and end the session: if you were sharing your screen, end the call. Change critical passwords from a secure device and, if applicable, block cards and notify your bank. Time is of the essence. limit unauthorized transfers and access.

  • Notify your contacts: explain that your account may have been compromised so they ignore requests for money or codes. Ask them to contact you through another channel if they receive suspicious messages; impersonation is the next common step. multiply fraud.

  • Contact WhatsApp: write to support@whatsapp.com or describe the issue (you can do this in Spanish) and request to recover your account. You can also reinstall the app to force a new verification code and try to regain control with your number and the Two-step verification PIN.

  • Gather evidence and report it: save screenshots, phone numbers, messages, and call details. File a report at police stations or prosecutor's offices specializing in cybercrimes. In some countries, there are specific helplines (for example, 137 in Argentina) that can guide you; check the resources available in your region for more information. receive assistance and advice.

Although this scam thrives on our good faith and the normalization of screen sharing for work or with family, it can be stopped in its tracks with a few simple habits: stop in the face of urgency, don't share your screen with strangers, don't give out codes or passwords, always verify through official channels, and activate protections like two-step verification. With clear information, alert tools within the app itself, and a healthy dose of skepticism, you'll minimize the chances of a third party turning your phone into a Open window to your digital life.