Phishing on Viber
Phishing campaigns on Viber distribute malicious links through mass messages and group posts, targeting banking credentials, parcel-delivery data, and government-service logins with convincing impersonation pages.
Part of: Phishing
Last reviewed: 1 June 2026
Viber phishing campaigns are frequently regional and opportunistic, timed to coincide with widely expected communications like parcel notifications, tax season reminders, or health service updates. Scammers send mass Viber messages to large numbers of phone contacts, relying on volume to reach users expecting legitimate communications from the impersonated services.
Because Viber shows the sender's phone number rather than a verified sender identity, messages can appear deceptively legitimate, particularly when they use familiar logos and reference current events.
How this scam works on Viber
A Viber message arrives from an unknown number purporting to be a bank, postal service, or government agency, informing the recipient of a package requiring customs payment, an account security alert, or a benefit claim requiring verification.
The link leads to a convincing but fraudulent website designed to capture banking credentials, card details, or identity information. Some phishing pages request one-time passwords, enabling real-time account takeover while the victim waits for a supposed verification process.
Group phishing on Viber uses compromised accounts to forward malicious links to the victim's contact list or group memberships, exploiting existing trust relationships.
Common red flags
- Viber message from an unknown number referencing your bank or a parcel delivery
- Message creating urgency around payment, account security, or missed delivery
- Link in a Viber message that does not match the official domain of the claimed sender
- OTP code request arriving immediately after clicking a Viber link
- Message forwarded by a contact that contains an unusual link
- URL shortener concealing the actual destination of the link
How to protect yourself
- Access banking and government services directly through official apps or bookmarked URLs rather than Viber links
- Enable Viber's spam message filter in the app settings
- Verify parcel delivery notifications through the carrier's official app or website
- Never enter banking credentials on a page reached through a Viber message
- If a contact forwards an unusual link, contact them through a different channel to verify it
How to report it
- Report phishing messages using Viber's in-app report and block function
- Report the phishing domain to your national cybersecurity agency and your bank
- If credentials were entered, contact your bank immediately to freeze the account
Frequently asked questions
How can I tell a legitimate Viber message from a phishing attempt?
Legitimate banks and government services do not request credentials or payments through Viber messages. Always access these services through official apps rather than following links in messages.