Meta is introducing new anti-scam protections across its platforms, deploying systems and user-facing warnings to protect users against scammers.
The new features are designed to help catch fraud attempts before WhatsApp, Facebook, and Messenger engage with them.
WhatsApp now alerts users when behavioral signals suggest a device-linking request may be fraudulent, a tactic scammers have been using to hijack accounts by tricking users into sharing a linking code or scanning a malicious QR code.
“Scammers may try to trick you into linking your WhatsApp account to their device,” Meta explained on Wednesday. “For example, they may urge you to share your phone number, followed by a device linking code on your WhatsApp or try to trick you into scanning a QR code under false pretenses, which would then link the scammer’s device to your account.”
The change comes after the Netherlands Defence Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) warned that Russian state-backed hackers have been targeting Dutch government employees in a phishing campaign aimed at their Signal and WhatsApp accounts.
WhatsApp allows users to connect multiple devices (e.g., computers, phones, tablets) to an account to send and receive messages across those devices. This is done by scanning a QR code generated by the main mobile device, which authorizes the new device to access and synchronize the messages.
However, attackers who trick a user into linking a malicious device will gain access to the victim’s messages, read their chats, and may even send messages while impersonating the victim. Additionally, unlike account takeover attacks, the victims will usually retain access to their accounts, making the breach harder to detect.
The company is testing warnings that flag suspicious friend requests on Facebook based on signals such as a small number of mutual connections or a profile location that doesn’t match the user’s region.
Its anti-scam detection feature on Messenger will also expand to more countries, identifying patterns consistent with common schemes like fake job offers and giving users the option to submit suspicious chats for an AI review.
Meta has also rolled out AI systems that analyze text, images, and contextual signals to identify celebrity impersonation, brand spoofing, and deceptive links used by threat actors to redirect potential victims to fraudulent websites impersonating legitimate ones.
In total, in 2025, Meta says it removed over 159 million scam ads and took down over 10.9 million accounts on Facebook and Instagram linked to criminal scam operations.
Meta also participated in a global law enforcement operation that led to the arrest of 21 suspects and the shutdown of more than 150,000 accounts linked to scam networks in Southeast Asia, including groups running fake cryptocurrency investment schemes and extortion rings.
“We are proud to partner with the Royal Thai Police, the FBI, the DOJ Scam Center Strike Force, and law enforcement agencies from around the world to combat these sophisticated scam networks,” said Chris Sonderby, Vice President and Deputy General Counsel at Meta.
“This operation is a testament to how sharing information and coordinating our efforts can make real progress in disrupting this criminal activity at its source.”
Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.
Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.
