The ‘Recognize the State of Palestine’ WhatsApp Message You Just Received Is a Scam

A new WhatsApp message is making the rounds online, urging users to "recognize the State of Palestine." Cybersecurity experts warn it's a phishing scam designed to steal personal information and spread through victims' contact lists.

This scam is built like a petition, and the link it promotes only opens on mobile devices. It also tries to trick people into sharing it willingly with friends before "confirming" their participation – a hallmark of social engineering tactics found in many WhatsApp scams.

A Fake Political Petition Goes Viral

All significant events, especially those with worldwide reach, such as the conflict in Gaza, attract cybercriminals. We've seen this over and over. One example of how suffering is weaponized was that of the massive earthquake that hit Turkey and Syria in 2023.

In less than 24 hours, scammers were posing as charity foundations to collect cryptocurrency from people around the world.

This WhatsApp scam is spreading rapidly under the guise of political activism. Victims receive a message that reads:

"I recognized the State of Palestine ✋ Tap here and choose Yes to recognize the State of Palestine — don't ignore it. Go record your recognition; we want as many recognitions as possible: https://vote[.]palestiny[.]com/”

The link points to "palestiine[.]votvi[.]com" or similar domains designed to look legitimate. Once opened, the site tricks users into sharing it further on WhatsApp, a simple tactic that fuels its rapid spread.

The Scam's Social Engineering

The scam exploits emotions and appeals to political convictions by mimicking a social cause campaign and pressuring victims to participate and forward it to friends.

The website, named "Recognize the State of Palestine" asks visitors to "Invite Friends" and "Confirm" their recognition (which is nonsensical, if you stop to think about it).

However, before the final step of the confirmation, users must share the link with 15 friends or five groups, which is always a red flag.

Mobile-Only Behavior

Interestingly, the phishing site refuses to load in desktop browsers, returning a 404 error, even though Google indexes it.

This evasion technique helps it avoid detection by automated security systems, which typically operate on desktops or servers.

We tricked it into showing up in a desktop browser, and it's easy to see that it even has testimonials. It also works only in some countries, while it won't even show up in others. The attackers know to only target relevant users. 

What Really Happens Behind the Scenes

The real purpose of this fake campaign isn't political – it's data theft and viral propagation.

• Personal data collection: The site may collect information about the devices that open it, browser fingerprints, and redirect users to pages that request personal or financial information.
• Malicious link sharing: By forcing users to forward the scam, the attackers achieve self-propagation, like classic WhatsApp "chain scams."
• Domain rotation: The use of multiple domains, such as votvi[.]com and palestiny[.]com reveals a likely fast-moving phishing operation that's trying to stay ahead of takedowns.

If users go further with the "confirmation," they may end up installing tracking scripts, expose their contact information and get redirected to malware, phishing, survey scams, or other scams from the myriad possibilities out there.

How to Protect Yourself

Don't Click or Share

Never click links from unexpected WhatsApp messages, even if they appear to promote a cause you support. Given how this scam spreads, you might receive it from someone in your contact list. Avoid forwarding such links to others.

Verify the Source

Legitimate petitions or awareness campaigns are hosted on official NGO or government websites, not domains with typos like palestiine[.]votvi[.]com.

Enable Link Previews

WhatsApp previews can expose shady domains before you click them. If the preview looks off or the site name seems strange, don't interact with it.

Use a Security Solution

Bitdefender's Mobile Security automatically detects and blocks malicious URLs, phishing links, and scam sites before they can load on your device.

Protect your mobile device from phishing, fake petitions, and malicious links. Bitdefender blocks domains used in WhatsApp phishing campaigns and ensures real-time protection against redirections, even from trusted contacts.

FAQs About the ‘Recognize Palestine’ WhatsApp Scam

1. Is this campaign real?
   No. The "Recognize the State of Palestine" message is a scam and it's detected as such by our security solution.
2. Why does it only work on mobile phones?
   The scammers designed it to evade detection and target users on smartphones, where most WhatsApp messages are read.
3. What happens if I shared the link?
   Inform your contacts, delete the message, and run a full scan using Bitdefender Mobile Security.
4. Can the site steal my money?
   This could happen indirectly. Phishing pages often redirect users to fake surveys or payment forms specifically built to collect banking details.