How to avoid the most widespread online scam of the moment: “You can completely lose access to your WhatsApp account”

Lately, more and more people are writing on social networks that they have fallen “in the net” of an online scam that starts with an SMS about a fake package. At worst, people end up sending money to criminals, and the whole “scheme” is so well thought out that even people who are generally harder to fool end up as victims.
The National Cyber Security Directorate (DNSC) warned that several users have reported fraud attempts that begin with the attackers sending an SMS message in the name of a courier company. Most often the name FAN Courier is used, because it is the company that delivers the most parcels.
One of the scenarios that keeps spreading
Attackers send SMS messages to potential victims, taking advantage of a time when many users are waiting for packages, for example in the morning. Either they are told that they have a package that needs to be picked up from the “locker”, or they are told that the package cannot be delivered to the locker of their choice and that they must “urgently” go to the courier company's website and change the locker.
The link does NOT lead to the original site but to a phishing site, where the potential victim is redirected to log in with their personal WhatsApp account and prompted to enter a malicious code into the WhatsApp app. If the login is accepted and the process is completed, the attackers gain access to the victim's WhatsApp account.
What happens next? Criminals send messages to as many contacts as possible, requesting a loan (by bank transfer, with an IBAN provided in the conversation).
“The messages are like: 'Hello. Sorry for the question, but do you have 2,700 lei on your card, please? I'll return it to you tomorrow morning'”
For the attackers, it is enough if, out of thousands of such messages sent, only a few people fall victim and send money.
“A game of cat and mouse” – What to watch out for?
Mihai Rotariu, communications director at DNSC, explained to HotNews.ro that the attackers create clone sites like fancourier.lol or fancourier.xyz. “There are clear indications of a scam, but you have to be patient, do the verification.”
DNSC data, sent to HotNews.ro, indicate that the organization received 600 reports on this mode of operation in the last four months. In February their number was triple compared to January.
The problem is that we are talking about “a game of cat and mouse”. “DNSC is notified by people who have seen those sites, hosting companies are asked to close the site, but that site is moved to another domain. Unfortunately, this is the reality”, explains the representative of the directorate.
The original sites have URLs like fancourier.ro, sameday.ro, dpd.ro, cargus.ro – so checking the domain is a basic step, as is checking the fake AWB sent by the attackers.
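The domain check described above, written out as an added example (not from the article, DNSC or the courier companies). It classifies links found in an SMS against the official domains listed above and goes slightly beyond the article's cases by also catching a brand name used as a subdomain prefix or in the user@ part of a link; the function names and the sample messages are constructed for illustration.

```python
from urllib.parse import urlsplit

# Official courier domains named in the article.
OFFICIAL = ("fancourier.ro", "sameday.ro", "dpd.ro", "cargus.ro")
BRANDS = tuple(d.split(".")[0] for d in OFFICIAL)


def classify_url(url):
    """Return (host, verdict); verdict is 'official', 'lookalike' or 'unknown'."""
    if "://" not in url:
        url = "http://" + url  # SMS links often omit the scheme
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return ("", "unknown")
    # Official only if the host IS an official domain or a subdomain of one.
    if any(host == d or host.endswith("." + d) for d in OFFICIAL):
        return (host, "official")
    # A brand name anywhere in the authority part (host or user@ prefix)
    # of a non-official host matches the clone-site pattern.
    if any(b in parts.netloc.lower() for b in BRANDS):
        return (host, "lookalike")
    return (host, "unknown")


def links_in_sms(text):
    """Classify every link-like token in an SMS body."""
    found = []
    for token in text.split():
        token = token.strip(".,;:!?()\"'")
        if "." in token:
            found.append(classify_url(token))
    return found


# Constructed sample messages (not real SMS texts).
SAMPLES = [
    "Coletul dvs. nu a putut fi livrat. Schimbati lockerul: https://fancourier.lol/awb/123",
    "Urmariti coletul pe https://www.fancourier.ro/awb-tracking",
    "Confirmati adresa: fancourier.ro.locker-update.example/login",
    "Detalii: http://fancourier.ro@parcel.example/t",
]

if __name__ == "__main__":
    for sms in SAMPLES:
        print(links_in_sms(sms))
```

A "lookalike" verdict is a triage signal based on brand-name substrings, so an unrelated site whose name happens to contain one of the brand strings is flagged as well.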
“Prevention is more important, they exploit inattention and the fact that in the case of courier services, when we receive an SMS with a link, we go to the website and see that visually it resembles the one we are used to. Many of the SMS are sent when people are at work or doing other activities, maybe you are in a hurry, maybe you have a meeting at work, maybe you are driving. Specialized people can also fall into the net”, says Mihai Rotariu.
It must be said that when you open that clone site, you see your name, email, phone number and an AWB that at first glance looks valid. At the bottom of the pages there is also a map with the lockers, so that everything seems as believable as possible.
The DNSC official says that we should avoid logging into app accounts through links provided in unsolicited messages and it helps to know that FAN Courier, Sameday, Cargus or other courier companies NEVER ask for WhatsApp login.
Why it is not a good idea to uninstall WhatsApp
If you enter the code sent by the attackers into WhatsApp, they can take control of the account, but if they haven't had time to message all of your contacts asking for money, all is NOT lost. You can go into the settings to see if other devices are connected (in the English menus, “Linked Devices”), and another way to secure yourself is to set two-step authentication (for example, set a six-digit PIN or have biometric authentication), explains Mihai Rotariu.
The DNSC representative says that there are people who panic and when they hear that some friends have received messages asking them for money, they uninstall the WhatsApp app. It's not a good idea because “you can lose access to your WhatsApp account altogether”. Securing your account is the best solution so you can still be in control.
In the worst situations, attackers who want to make full use of victims' accounts can, depending on the infrastructure they have available, activate a victim's WhatsApp account on certain devices, remove other devices connected to the application and change passwords as well. “The WhatsApp account recovery process is more difficult, because you also have to go through Meta's support center,” says the DNSC representative.
Anyone who has fallen victim to the scam must immediately announce, on the available channels, that their WhatsApp account was “hacked”, says Mihai Rotariu, explaining that in this way the people who would receive those false requests for money will not fall into the trap, because they will know that it was a scam.
It is important to report what you have suffered for another reason as well. “The attackers can do something else, they can send similar links to infect your device or compromise your WhatsApp account. Basically, they run the scam to gain access to other WhatsApp accounts, in addition to trying to get money,” says Mihai Rotariu.
What FAN Courier says
In February, FAN Courier explained that it NEVER asks for passwords, WhatsApp codes, verification codes or bank details via SMS.
“Recently we are seeing more and more SMS scams. Attackers send links with the aim of gaining unauthorized access to your WhatsApp account by entering verification codes.
FAN Courier never asks for passwords, WhatsApp codes, verification codes or bank details via SMS.
Always check the status of the package ONLY in the mobile application or on fancourier.ro”




