WhatsApp AI Scams: Why Meta has Removed 6.8 Million Accounts
Meta has undertaken its largest cybersecurity enforcement action on WhatsApp, removing 6.8m accounts linked to scam operations in the first half of 2025. The crackdown specifically targets criminal networks leveraging AI for fraud schemes.
The company partners with OpenAI to combat criminal organisations that use AI-generated messages to initiate contact with potential victims.
The investigation uncovers that many of the deleted accounts were connected to organised crime centres in Southeast Asia, operating under conditions described by authorities as modern slavery.
Advanced Detection Systems Combat Cyber Threats
WhatsApp implements machine learning technologies to identify suspicious behaviour patterns before criminals can operationalise accounts. The platform now includes enhanced security features, such as warning users when unknown contacts attempt to add them to group chats - a common tactic used by cybercriminals to expand their reach.
- According to the US Secret Service: “Pig butchering scams involve fraudsters gaining the trust of victims, oftentimes via a fictitious romantic relationship, and duping them into making investments into fake cryptocurrency projects. These schemes typically begin with a victim meeting someone on an online dating website. Alternatively, a victim may receive a random unsolicited message on social media, via text, or through a messaging application, with the conversation eventually appearing to turn romantic.”
Meta reports proactively detecting and removing accounts before scam centres can activate them, representing an important shift toward preventive cybersecurity measures rather than reactive responses to user reports.
Criminal Operations Exposed
The investigation uncovers a Cambodian criminal group that exploits ChatGPT to generate initial contact messages with victims. The operation involves AI-crafted text messages containing WhatsApp links, after which targets are directed to Telegram and assigned tasks like engaging with TikTok videos for supposed monetary rewards.
Criminals employ complex social engineering tactics, using fabricated success screenshots to convince victims to make cryptocurrency deposits for access to higher-paying tasks.
Challenges in Cybersecurity
The enforcement action highlights the scale of cybercriminal organisations adopting AI tools to expand their operations. While Meta and other technology companies deploy AI for fraud detection, criminal networks leverage the same technology to create convincing communications and automate victim targeting.
Countries including Myanmar, Cambodia and Thailand emerge as hubs for these cybercrime operations. Local authorities face ongoing challenges in containing networks that expanded during the pandemic and have extracted tens of bn dollars from victims globally.
Consumer rights organisation Which? acknowledges Meta's efforts but calls for expanded cybersecurity measures across all company platforms. "Meta must do much more to stop these criminals across all its platforms."
The cybersecurity challenge extends to regulatory frameworks, with UK communications regulator Ofcom facing pressure to strengthen enforcement of the Online Safety Act in response to widespread cyber fraud activities.
While the removal of 6.8m accounts demonstrates WhatsApp's commitment to cybersecurity, the evolving nature of AI-powered cyber threats suggests this action represents just the beginning of an ongoing battle against digital fraud.
