/ Technology

Have you been targeted by scams on WhatsApp?

The personal messaging app is the most recent medium for scammers trying to steal your data. Here’s what to look out for.

Had a friend or family member share a deal that’s too good to be true with you on WhatsApp recently? If so, you’re not alone.

For most people, getting a message like this from someone they know well is more likely than not to be believed – and scammers depend on that trust.

We’ve seen a swathe of scams circulating on the personal messaging app WhatsApp which using big-name brands like Costa Coffee, Morrisons and Sainsbury’s to lure people into parting with their personal details.

Free cash?

These WhatsApp scams all feature promotional deals and competitions that are too good to be true, including a free £150 gift vouchers, a free £120 gift card and a free £75 voucher to celebrate a brand birthday.

Here’s what the latest Morrisons and Sainsburys WhatsApp scams look like:

The message itself is written like an endorsement, often with emojis for an added personal touch.

As the URL shared in the message typically contains the name of a big-name retailer, it looks like a tempting offer from a trusted brand via a trusted source.

Clicking on the link in the message will usually take you to an online survey asking for your personal information, including your email, home address and phone number, before the free ‘prize’ or free ‘gift voucher’ can be sent to you.

Chain scam

When the survey is completed, you’re asked to select WhatsApp friends to share the deal with.

The promotional message and link is then sent to all of those contacts. The scam continues to grow.

If you see any scams like these, let us know so we can help raise awareness when they are happening

So, have you seen any scams like these circulating on WhatsApp? What are your top tips for identifying whether a deal is genuine or a fake?


I seem to remember a similar scam via email a couple of years ago. Why would any organisation choose to give you a gift of substantial value? The tip is surely to simply ignore offers that are too good to be true. If you think there may be some reason you have been singled out for some very generous treatment then you can always email the donor at their known address and ask them.

I agree – if an offer sounds to good to be true, it is likely to be a scam.

That shouldn’t be new news, but many folk seem all too ready to believe everything they see on the internet.

It is a few years since I deleted WhatsApp, after a security problem was announced.

I just delete promotional material and anything saying that I have won a prize.

I avoid apps like Whatsapp, twitter and instagram much as I do Bubonic plague, rats and flea infestations.

Many companies and other organisations expect us to use Twitter, but they can carry on expecting as far as I’m concerned.

I’ve recently checked out a few of the Which? posts on Facebook. Whilst there was nothing wrong with the headline posts, the general standard of the replies and comments was quite poor, i.e. their signal to noise ratio was effectively zero.

A few years ago, I previously found that I did not like twitter for exactly the same reason (but, at least, there is a clue is in the name there).

It has long surprised me that some people are keen on Facebook, others keen on Twitter, others happy using both and a fair number would not touch either despite having no experience.

I do object to those companies who think that Twitter or online chat is acceptable way of dealing with customers with problems.

Whatever means of communication, we all need to be vigilant about scams and it is a reasonable expectation that the service providers will do their best to protect us against problems that have been identified.

I note that one of the “advantages” claimed for WhatsApp is “end-to-end” encryption.

So if a WhatsApp message contains a toxic link, then the only opportunities for flagging that up and rejecting it will be with WhatsApp themselves and on the recipient’s PC or other device.

But whilst many Windows PCs will have good security software that should block (or warn about) dodgy links many other devices (not least Linux PCs and Android devices) won’t have such software in place by default.

Another cunning feature of this latest scam is its chain letter aspect. Thus, like many other computer worms, it can spread disguised as ordinary social media messages.

Hi @derekp, How are you today?

Thought it might be useful to know that we focus primarily on paid social media posts that are designed, optimised and sent out to the audience the information is most relevant to. We do post on our page regularly, so that there is information there for all to see, but we’ve found the above techniques to be more effective at getting the right information to the right people. It can be an art! 🙂

Hi Elena G.

I’m fine thanks – and beginning to enjoy my retirement 🙂

I agree it is good for Which? to use social media platforms as a means for publishing issues and campaigns, not least because platforms like W?C only seem to reach about a dozen active participants.

I also agree that producing clear and simple communications is an art. It can also be a science too. For example, where I last worked, the instructor training included a number of tips for making good PowerPoint presentations. Most of those could be traced back to scientific studies of learning and/or perception.

When I first started work the research director sent round copies of a book “The presentation of technical information”by Reginald Kapp, based on four lectures he gave at University College London. I have just rediscovered it in my garage and have it by the bed ready to re-read. In the preface he says, after the lectures were repeated to a much wider audience “ This experience made it clear that there is a big demand for help and guidance in the art of exposition”

I look forward to seeing what it says again – too long ago to remember.

I’ve lost count of the number of lectures I sat through where the only thing really well demonstrated was how not to use an OHP.

That said a really good piece of communication is a art in itself and one that’s mirrored in the classical structure of the sonata: Exposition, Development, Recapitulation.

The Exposition is of fundamental importance since a badly presented one can lose the listener’s interest for what follows.

But really top class communication involves at least three senses: aural, visual and tactile.

Tactile? You might be right, but that’s only a feeling.

I hadn’t realised you’re fresh into retirement! I love stuff like that – when you know the science behind how we learn, or how we process information, in particular. With PowerPoints, the way you lay things out and present a story is a science. Were you a whiz with PowerPoint? I bet you don’t miss it whether you were a whiz or not! 😉

Powerpoint made presenting talks and lectures so much easier. Saved all the work in preparing slides, diagrams and photos when you could import them and project in decent quality.
Two of a number of the ways people used it irritated me:
– the speaker whose complete text appeared on the slides as he/she read it
– all the silly features – flying letters for example – that people used only because they were there, not because they enhanced the talk – they did the opposite for me.

Maybe there ought to be a professional version of PowerPoint without the whizzy bits.

My personal hate is visiting speakers who feel the need to have their corporate logo on each slide.

Sometimes corporations require their logo to be on all their slides – if so, that won’t be the speaker’s fault.

For further critiques of PowerPoint, comedian engineer Don McMillan has some nice stuff on his Youtube channel.

This could be one of them: https://www.youtube.com/watch?v=MjcO2ExtHso 🙂 I think you mentioned Don McMillan last time we discussed PowerPoint. Searching for ‘death by PowerPoint’ will produce hours of viewing, much of it not very entertaining.

In the early days we had directives about corporate identity including using corporate PowerPoint templates. As far as I know, none of my colleagues payed any attention. I remember we were told to use a particular font on the basis that it was ‘restful on the eye’. I wrote to the author of that edict and politely explained that I wanted to command attention and not put people to sleep. The corporate identity guy was redeployed and given something useful to do.

Back on WhatsApp, the friend who encouraged me to use the app to call him when abroad now just phones me on his mobile. I’m presuming that this will still be possible after Brexit.

wavechange, I doubt anyone would get the sack for failing to follow corporate identity guidelines.

But approvals for conference attendances and approvals to publish and present papers could be easily withheld.

In my experience, some corporations are much stricter than others. In the consumer domain, “lookalike brands” and “fake brands” can be used to deceive consumers, so it can be good to see companies defending their brands. Some supermarket “own brands” clearly use very similar colours and shapes to leading brands.

Working in industry would not have suited me. 🙁

I am strongly opposed to counterfeiting but not very concerned when different brands share similar packaging.

In most industry counterfeiting is not a significant issue. All trades and professions have their share of cheats with wiley ways. Mainly down to the individuals who work in them.

Derek referred to lookalike brands and these are used extensively. It does not concern me because I can generally spot the differences, but why not make products distinctively different from the most popular brand rather than producing copycat versions?

This comment was removed at the request of the user

Yes, but if you go into a supermarket you will see brands that to a greater or lesser extent look similar to the market leader. Counterfeiting – producing goods that are intended to look like a genuine article – is unquestionably wrong.

wavechange, I think a lot of supermarket own brand ranges cover both bases by producing both distinctive own-brands, e.g. Sainsbury’s SO organic, and bland generic lookalikes, e.g. tomato ketchup by Sainsbury’s.

If a shopper’s perception of say, tomato ketchup, is a vague mental picture of Heinz’s product, but they don’t particularly believe that they must only buy the branded version, then they may find a lower priced but similarly styled product to be most acceptable. (Or they might just follow Homer Simpson’s wine-ordering principle, and get the 2nd least expensive one.)

With more fashion conscious buyers, it may be essential for most products to ape the styling of brand leaders, for example my two cheap Alcatel “iphones” here, or any training shoes (and other sportswear) not actually carrying a flagship brand.

Perhaps you would give examples of “extensive use”?. In my experience this is largely restricted to certain products in supermarkets. Many products do not deceive but their design follow similar trends – smart phones, TVs, cars etc.

There was a Convo on copycat products.

Derek – I’m sure we have all seen examples of what you mention. I’m not too concerned.

Alan G says:
18 August 2018

Most link alerts come from the browser so Linux/Android PCs will have the same link protection as any other user of Firefox/Chrome etc. Admittedly many Linux users turn it off because they reckon they can spot dodgy links better than the software…. But the capability is always there.

Alan G, I’m not sure my experience of Firefox/Chrome etc. on Linux/Android PCs supports your views here. I’ve seen too many “user sanctioned” adware & spyware infections to think that a good browser alone is enough.

Do you, by any chance, know of any additional security softwares for Linux/Android PCs that can help here?

This comment was removed at the request of the user

You should be able to claim under the Distance Selling Regulations, Duncan: https://www.which.co.uk/consumer-rights/regulation/distance-selling-regulations

Your familiar avatar is not appearing.

This comment was removed at the request of the user

Just as a matter of interest, Duncan, I decided not to go ahead with BT Plus because my speed and capacity requirements do not justify the extra cost and I do not want the ‘Plus’ features. I am quite happy to continue with the present speed and slightly higher monthly price. Now that so many people are switching to fibre I find the copper transmission becoming faster and increasing reliable!

This comment was removed at the request of the user

This comment was removed at the request of the user

Thank you, Duncan. I have complete satisfaction with BT which is why I stick with the company.

Since doing what I do on the computer is really my hobby the cost is lower than many other activities.

I prefer comments that contain summaries rather than links as they are more like real conversations, although I have noticed when chatting among friends it’s usually not long before someone whips their phone out to prove or illustrate a point. I can’t work out whether they are just showing off or are unable to explain themselves.

Are there any WhatsApp users out there, who’d like to join this Conversation?

I have received three or four of these scams over the last year or so from someone in my contacts list. They are all savvy people and have suprised me how gullible they have been. Although the ‘Offer’ changes ie Sainsbury, Costa Coffee etc, the scam wording is the same. Remind your friends nothing is for free

This comment was removed at the request of the user

This comment was removed at the request of the user