Costa News Spain Breaking News | English News in Spain.
WhatsApp scam alert: Screen-mirroring con lets crooks view your PINs and OTPs in real time. Never share your computer screen. Instead, call your bank at the official number. Report any attempted hacks via cybercrime.gov.in or 1930.
Credit : JarTee, Shutterstock
What is the WhatsApp screen-mirroring scam – and why it’s spreading..
The call begins with a familiar voice and logo. A caller says they’re from your bank, card issuer or a finance app and there’s a ‘small problem’ with your account. To ‘help’, they ask you to share your screen on WhatsApp or install a ‘support’ app. Then, the game is on. The crooks are able to watch your screen as you type in PINs and open banking apps, and move faster than the time it takes for you to hang up. The tactic, according to experts, works because it uses trust, urgency, as well as tech that you are already using. Money and identities can disappear from your phone before you even realise that something is wrong.
A more dangerous variant is available. Instead of stopping at screen-share, the scammer nudges you to enable ‘install from unknown sources’ on Android and drop in a remote-access tool or a keylogger – software that records what you type. This can reveal bank passwords, UPI PINs or social logins as well as ID images, even after the call has ended. In short: if someone you didn’t call asks to see your screen, it’s not support—it’s a setup.
How the fraud unfolds: the ‘support call’ that turns into a takeover
Credibility is the first step. The imposter uses a faked number, knows your name, or the last 4 digits of your card. The script is practised: a failed payment, a blocked KYC update, or a suspicious transfer they’ve ‘spotted for you’. The solution? “Let me guide you”—and you’re talked through enabling screen-share or installing a mirroring app. If you hesitate, the pressure increases: “We won’t be able to secure your account unless they see the issue.”
The next step is the initiation. They ask you to open your banking or UPI app ‘for verification’. They’re watching you in real-time while you do this. Details are recorded the moment you receive an OTP, enter a PIN, or accept a push notification. Some scammers will even ask that you read out the OTP “so that we can verify it at our end”. They’ve already moved money, reset security and locked you out by the time you realize the scam.
Then, there is the backdoor. If they convinced you to install a helper app—or to grant sweeping accessibility permissions—they may not need you online again. Keyloggers or remote tools can be used to collect screenshots and keystrokes. Then, they can raid additional accounts. Some victims have reported waking up and finding new loans or cards maxed out, as well as messages from contacts they did not send. The screen-mirroring crime is so offensive because it doesn’t only involve money. It’s also about the control you have over your digital world.
How to protect your money – right now
These fixes are simple, and that’s why they work. Never share your screen. If you get a message from or a phone call that claims to come from your bank, just hang up and dial the number found on your credit card or app. Support teams do not need to monitor your phone in order to “verify”.
Lock down all your tech. Android: Turn off “install unknown sources”. Don’t give access or screen overlay permissions to applications you do not trust. Update your phone so that known vulnerabilities are fixed. Wherever it’s offered, use two-factor authentication (2FA) and, inside banking apps, prefer the on-screen keyboard—keyloggers struggle to capture clicks the same way as keystrokes.
Change your banking habits during phone calls. Even if you’re screen-sharing, never open any banking, UPI, eWallet or other apps when someone else is with you. Stop if a caller is rushing you. Slowing down can help you defend yourself from scams that rely on speed.
Act quickly if you make a mistake. Contact your bank to reset passwords, freeze accounts or cards and cancel them. Block the number and report it on WhatsApp. File a report or call the helpline—both routes help investigators spot patterns and can improve your odds of recovery. Change passwords for email and other services. Email resets are usually the next step.
This con isn’t clever—it’s pushy, well-rehearsed and effective. If someone says, “Share your screen”, it’s best to ignore them. Stop the chat and call your bank using the official number. Tell a friend about what almost happened. Awareness spreads faster than any scam—and it could be the reason the next person hangs up in time.
