Receiving a WhatsApp message that invites you to support a young girl in a dance competition may seem, at first glance, to be a legitimate and completely harmless request, especially if it comes from a trusted contact already saved in your address book. Behind this request, however, lies what is making headlines as the ballerina scam, which joins other scams via WhatsApp messages such as the CV scam or the 6-digit code scam. The message, which usually shows a photo of a little girl dressed as a ballerina, leverages the possibility of her winning an important scholarship. Too bad that the link included in the message is malicious and is designed to make you lose control of your WhatsApp account, which is immediately used by cyber criminals to forward the message to the entire contact list and, in a second phase, to send requests for money simulating urgent economic difficulties. Let's see how the dancer scam on WhatsApp works and how to defend yourself.
How the dancer scam works on WhatsApp
This cyber attack follows a now standardized visual and textual script that we are carefully monitoring: the bait consists of the image of a young girl, often portrayed in a black bodysuit while performing a dance move, accompanied by a caption that leverages the empathy of the recipient. The text urges us to vote for a certain «Federica», presented as the daughter of a friend of the sender, claiming that a simple click could guarantee her winning a competition and access to a valuable scholarship for a year of free education.
To lower the cognitive defenses of potential victims, the scammers specify that no financial outlay is required but only a quick vote via the attached link. It's a shame that in reality there is no competition or scholarship: the one just described is a "textbook" case of smishing. This technical term, a fusion of the words SMS and phishing, refers to a fraudulent technique that uses mobile messaging services to trick victims into sharing sensitive information. Unlike spam emails, which often come from unknown addresses, the effectiveness of this trap lies in the transmission vector: the message comes from a "friendly" number, i.e. a contact already saved in the address book, which gives the request a veneer of authenticity that often deceives even the most attentive users.
In reality, however, the contact from whom we receive the invitation is, in turn, an unaware victim who has already lost control of their account. In fact, when a user clicks on the hyperlink provided, they are redirected to a counterfeit portal, graphically similar to the official ones, where they are asked to log in or enter a code received via SMS to validate the alleged vote. By performing these actions, the victim literally hands over the keys to their WhatsApp profile to the cybercriminals. Once access is gained, the attackers oust the rightful owner by blocking the app on their device and trigger a chain reaction, transforming the telephone number just hacked into a new vehicle for spreading the scam to all contacts present in memory.
In addition to the damage related to the violation of privacy, this fraud apparently often evolves into extortion attempts or financial fraud: a short time after the survey is sent, messages go out from the compromised numbers complaining of sudden economic difficulties and asking the victim's friends for immediate loans or transfers. The victim remains unaware of everything until contacted by telephone by acquaintances suspicious of such anomalous requests.
How to protect yourself from the dancer scam on WhatsApp
To defend yourself from the dancer scam on WhatsApp, you must adopt a rigorous security protocol that starts from the principle of never interacting with links received via messaging (even if they come from family members) without first cross-checking. A phone call to the sender is enough to ascertain the veracity of the message and discover, most likely, that the person is completely unaware of having sent it. This is a signal that highlights the fraudulent nature of the communication received.
If you suspect that you have fallen into the trap, try to clean up your account as soon as possible: in the WhatsApp settings, go to the Linked devices section and force the disconnection of all active sessions that you do not recognise, thus interrupting illegitimate access via WhatsApp Web. Furthermore, to protect the account from future theft attempts, it is essential to enable two-step verification, a feature that adds an extra layer of security by setting a personal PIN. Another important step, if you have fallen victim to the scam, is to report the incident to the competent authorities, such as the Postal Police, as soon as possible.
