Beware WhatsApp “hey mum” phishing scam spreading

ByCraig Haley

A new WhatsApp phishing scam is spreading whereby crooks are pretending to be the family member of the victim in order to trick them into sending cash.

Spreading primarily in the UK, the scam begins with an unsolicited WhatsApp message sent to the victim from what appears to be a family member who has recently changed their phone number. Currently these scam messages start with generic greetings such as “hi mum”.

The scammers, posing as the family member, will then proceed to request the victim send money urgently. If the victim complies, they will ultimately be lured into sending money to cyber crooks.

See an example of such a scam message below.

A few observations…

Firstly, the scammers do not appear to know the name of their intended target, or the names of their family members, which is why they use the generic greeting “hey mum”. The crooks are hoping their messages will land in the WhatsApp inbox of a target who is a mother, and thus will assume the message is from one of their children.

Of course the crooks can easily swap out these generic greetings for others, such as “hi dad” or “hi sis” etc.

Secondly, the English in these messages is far better than many phishing scams we’re used to seeing, suggesting the perpetrators are from an English speaking country, possibly the UK itself. The ability to speak using common English slang makes these messages extremely convincing.


Sponsored Content. Continued below...




In the messages themselves, the crook – posing as the family member – will claim they’ve recently changed their phone number, hence why the message appears to come from an unknown contact.

They will also use some social engineering trick to lure the target into sending money. We have already seen examples of crooks using the stories of cancelled bank accounts and getting mixed up with loan sharks to lure victims into paying out.

The advice here is to never assume that a family member has changed their phone number until you can speak to them over the phone or – better yet – face to face. You should also never send money to a friend or family member until, again, you’ve spoken to them over the phone or face to face and are confident it really is them to made the request, and not someone impersonating them.

Keep up-to-date with all the latest cybersecurity threats and our tips to stay safe online. Follow us on Facebook, Instagram and Twitter.

Continued below...


Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)

Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)