Phishing Scam Targeting Expectant Mothers You Need to Know This

As cybercriminals continue to evolve their tactics, phishing scams are becoming increasingly sophisticated and emotionally manipulative. One alarming trend involves attackers targeting vulnerable groups, including expectant mothers, by disguising scams as government financial assistance programs. A recent case in Malaysia revealed how fake maternity aid offers circulated on social media were actually designed to hijack victims’ Telegram accounts. This incident serves as an important reminder that phishing scams are no longer limited to suspicious emails, but now spread rapidly through platforms people use every day.

What Is a Phishing Scam?

A phishing scam is a type of cybercrime where attackers pretend to be trusted individuals, organizations, or government institutions to trick victims into sharing sensitive information. This information may include passwords, banking details, verification codes, identity documents, or access to personal online accounts. The main goal of a phishing scam is usually to steal data, hijack accounts, or commit financial fraud.

In the past, phishing scams were mostly spread through email. However, cybercriminals now use many other channels such as social media platforms, messaging apps, SMS messages, fake websites, voice calls, and even AI-generated videos or images. In this case, scammers used TikTok posts and WhatsApp conversations to convince victims that they were eligible for fake government financial assistance.

Read: Types and Examples of Phishing Emails Commonly Used by Scammers

How the Scam Worked

In this incident, scammers targeted expectant mothers by spreading fake maternity financial aid offers through social media platforms such as TikTok and WhatsApp. The scam falsely claimed that the Malaysian federal government was offering 500 ringgit in financial assistance to pregnant women and mothers who had recently given birth.

To make the campaign appear legitimate, the posts used official-looking government symbols, references to the “Malaysia Madani” initiative, and even impersonated healthcare professionals. However, investigations later confirmed that the aid program did not exist and was actually designed to steal victims’ Telegram accounts. The fraudulent posts included several elements intended to gain public trust, such as:

• Official-looking government logos
• The Malaysian coat of arms
• References to Prime Minister Anwar Ibrahim’s “Malaysia Madani” framework
• Claims that applications were open immediately

Victims were instructed to contact a WhatsApp number supposedly managed by a doctor named “Dr Faizan Irda Atty.” However, checks on the Malaysia Medical Council registry found no registered doctor by that name. Once victims contacted the number, the scammers requested their Telegram phone number, claiming that Telegram was the only platform through which applications could be processed.

After receiving the victim’s number, the attackers triggered a Telegram verification code request and asked victims to share the code with them. In reality, the verification code was the main target of the phishing operation. By obtaining the code, attackers could hijack the victim’s Telegram account and use it for various cybercrimes, including:

• Identity impersonation
• Online fraud
• Financial scams
• Extortion
• Further phishing attacks

Why Expectant Mothers Are Being Targeted

Cybercriminals often focus on emotionally vulnerable groups because they are more likely to react quickly without thoroughly verifying information. Expectant mothers may become ideal targets because:

• Pregnancy-related expenses can create financial stress
• Government aid programs are common in many countries
• Victims may urgently seek financial assistance
• Emotional excitement can reduce skepticism
• Health-related information tends to carry higher trust

Attackers understand human psychology very well. Instead of relying solely on technical hacking methods, many phishing scams now focus on manipulating emotions such as urgency, hope, fear, or compassion. This strategy is commonly known as social engineering.

The Role of Social Media in Modern Phishing Scams

Social media platforms have become powerful tools for cybercriminals because they allow scams to spread rapidly to large audiences. In this case, TikTok was used to distribute misleading information through short videos and posts. The content appeared authentic because it contained:

• Government branding
• Professional-looking visuals
• Financial aid claims
• Instructions that sounded official

Many users tend to trust information shared repeatedly on social media, especially when it appears connected to government programs or healthcare services. Unfortunately, cybercriminals exploit this trust. Modern phishing scams on social media may involve:

• Fake giveaways
• Fraudulent job offers
• Financial aid scams
• Charity scams
• Fake investment opportunities
• AI-generated celebrity endorsements
• Fake healthcare campaigns

Because these scams often appear visually convincing, users may not immediately recognize the warning signs.

Warning Signs of a Phishing Scam

Phishing scams often contain warning signs that can help users recognize suspicious activity before becoming victims. Understanding these red flags is important because modern scams are designed to look highly convincing, especially when they involve financial assistance or government-related programs.

1. Requests for Verification Codes
   Legitimate organizations rarely ask users to share one-time passwords (OTP) or verification codes. If someone requests Telegram, WhatsApp, banking, or SMS verification codes, it is often a strong indication of a phishing scam attempting to hijack accounts.
2. Urgent Financial Offers
   Scammers frequently create a sense of urgency to pressure victims into acting quickly without verifying the information first. Phrases such as “Apply now,” “Limited assistance,” “Immediate payment,” or “Only today” are commonly used to manipulate emotions and encourage rushed decisions.
3. Communication Through Personal Messaging Apps
   Government agencies and official institutions typically use verified websites or official communication channels instead of random WhatsApp numbers. Users should be cautious when a supposed government program suddenly redirects them to personal messaging accounts.
4. Unverified Identities
   The individual claiming to manage the aid program in this case was not listed in the official medical registry. Before trusting financial or healthcare-related information online, users should always verify the identity of the person or organization involved.
5. Lack of Official Website Information
   The Malaysian finance ministry later confirmed that no federal maternity assistance program existed. Before applying for any financial aid offer, users should first check whether the information appears on official government websites or verified public announcements.

By recognizing these warning signs early, users can significantly reduce the risk of becoming victims of phishing scams. Staying cautious, verifying information carefully, and avoiding emotional decisions are essential steps in protecting personal accounts and sensitive information online.

How Governments and Authorities Respond

Malaysian authorities have previously warned citizens about phishing scams involving Telegram account hijacking. Law enforcement agencies explained that stolen Telegram accounts are often reused in broader cybercrime activities such as online fraud, fake investments, romance scams, financial extortion, and identity theft. Authorities also stressed that public awareness plays an important role in preventing these attacks from spreading further.

Meanwhile, Malaysia’s finance ministry confirmed that no federal maternity aid scheme existed and clarified that the viral TikTok posts were misleading. Citizens were advised to rely only on official government websites and verified communication channels when seeking information about financial assistance programs. The incident also shows how quickly misinformation can spread online, especially when combined with emotionally appealing narratives.

How to Protect Yourself From Phishing Scams

Protecting yourself from a phishing scam requires both awareness and caution. As cybercriminals continue using more convincing tactics through social media, messaging apps, and fake financial aid offers, users must become more careful when sharing personal information online.

1. Verify Information Through Official Sources
   Always check government announcements through official websites or verified social media accounts before trusting financial aid information. Viral posts, forwarded messages, or unverified social media content should never be treated as official sources without confirmation.
2. Never Share Verification Codes
   OTP codes and Telegram verification codes should always remain private. Legitimate organizations, banks, or government agencies will never ask users to send these codes directly through WhatsApp, SMS, or social media chats.
3. Enable Two-Factor Authentication
   Additional security settings such as two-factor authentication can provide stronger protection for messaging apps, email accounts, and online banking services. Even if attackers obtain passwords, extra verification layers can help prevent account hijacking.
4. Be Careful With Emotional Content
   Scammers often exploit emotions such as fear, hope, sympathy, or financial stress to pressure victims into making quick decisions. Users should take time to verify information carefully before reacting emotionally to urgent financial offers or assistance programs.
5. Check Identities Carefully
   Before trusting healthcare workers, financial advisors, or government representatives online, always verify their identities through official registries or trusted websites. Fake identities and impersonation are commonly used in phishing scams to gain public trust.
6. Educate Family Members
   Phishing scams frequently target vulnerable groups such as elderly individuals, students, job seekers, parents, and expectant mothers. Sharing cybersecurity awareness with family members and communities can help reduce the risk of more people becoming victims.

By following these cybersecurity practices, users can better protect themselves from phishing scams and other online threats. Staying vigilant, verifying information carefully, and avoiding rushed decisions are essential steps in maintaining digital security in today’s increasingly connected world.

Read: Social Engineering and Phishing: Scams You Need to Know About

Conclusion

The fake maternity assistance campaign in Malaysia shows how modern phishing scam operations exploit trust, emotion, and social media to target vulnerable individuals. By impersonating government programs and healthcare professionals, cybercriminals attempted to hijack Telegram accounts and spread further cybercrime activities. As phishing scams become more sophisticated, public awareness remains one of the most important defenses. Users should always verify suspicious offers, avoid sharing verification codes, and rely on official sources before providing personal information online.