Threat
WhatsApp continues to be a common platform for scams targeting Muslims — from fake charity collections to people pretending to be relatives in need. The approach is simple: send a message that feels urgent or personal, hoping you’ll respond without thinking.
Between 2023 and August 2025, reports of scams coming from unknown WhatsApp numbers have increased worldwide. These scams often spike during Ramadan, Eid, and disaster relief periods.
It only takes one message to set events in motion. The result can be identity theft, financial loss, or even a hijacked account.
Scams targeting Muslim communities via WhatsApp are sophisticated, culturally targeted, and evolving fast. If your organization or community handles charitable funds or sensitive communications, operational awareness is your first line of defense.
Noorstream delivers threat intelligence, vulnerability management, and offensive security assessments for high-risk environments.
The 7-Step Verification Protocol
If you get a message from a number you don’t recognize, follow these steps before engaging.
1. Don’t reply right away
Responding confirms your number is active and makes you a target for more attempts.
2. Check the number
Look for unusual international codes, extra-long numbers, or no profile picture/name.
3. Read the message carefully
Be alert for emotional pressure, requests for money or verification codes, strange links, or sloppy grammar.
4. Verify the claim yourself
- If it’s supposedly someone you know, contact them using a number you already have saved or ask mutual contacts.
- If it’s a business or organization, search for their official site and use the contact details listed there, not the ones in the message.
5. Search the number online
Many scam numbers are already reported by others.
6. Never share personal details or codes
No legitimate contact will ask for two-factor authentication codes, passwords, bank details, or ID photos over WhatsApp.
7. Block, report, and delete
Use WhatsApp’s built-in tools to report and block the number, then delete the chat to avoid accidental clicks later.
Quick Reference Table
| Red Flag | What to Do |
|---|---|
| Unknown number | Don’t reply. Investigate or ignore. |
| Urgent or emotional tone | Verify independently before engaging. |
| Suspicious links or files | Don’t click. Delete the message. |
| Requests for money or OTP | Don’t send. No legitimate contact will ask this way. |
| Sloppy grammar or spelling | Treat as a warning sign. Block and report. |
Updated Best Practices
- Group admins should double-check suspicious messages before responding.
- Post a simple verification rule set in WhatsApp groups for everyone to see.
- Talk to family members, especially elders, about these scams.
- Regularly review group member lists for unknown numbers.
- Be aware that scammers are now using AI tools to create fake profile pictures and even send fake voice notes.
Noorstream’s Position
Scams that come as friendly or familiar messages are designed to take advantage of trust. Protect yourself and your community by slowing down, verifying, and treating every unverified message as a potential threat.
Don’t assume. Don’t engage. Don’t risk it.