One WhatsApp image. ₹2 Lakh gone! The scam no one saw coming

Robot vs Human? Nah—China’s robot football match was straight up fire!
The fake war on your feed: how AI is rewriting reality
Online scams in India just went nuclear — ₹22K Cr lost in 2024
WhatsApp too sus for US govt, gets officially banned from government phones
Back from the dead? BlackBerry is making a wild comeback, but...
Will ads ruin WhatsApp? Here’s what you need to know!
This gadget turns your dreams into movies!
Nothing’s first over-ear headphones just leaked — and they look insane
Unsubscribing from spam? That’s exactly what scammers want!
Tech
Megha
11 APR 2025 | 13:31:58

In Jabalpur, a man recently lost ₹2 lakh after downloading what appeared to be a harmless image sent over WhatsApp. The message asked if he recognised the person in the blurry photo—phrased as a request for help, playing on basic human empathy. What followed was a textbook case of modern cyber fraud.

Fraudsters switch from links to image files

This new scam, dubbed the Photo Claim Scam, doesn’t rely on suspicious links or fake calls. Instead, it uses image files as weapons. Fraudsters embed malicious code into these images using a method called steganography. The moment the image is downloaded, the malware is activated—quietly compromising the victim’s device without any visible sign.

How the Jabalpur incident unfolded

The Jabalpur victim, like most, assumed the image was genuine. But embedded within that image was an APK file, disguised as a regular photo. Once installed, the file granted full access to the phone’s sensitive data: SMS inbox, UPI apps, banking credentials, and more. Within minutes, money began to disappear. Before he could take action, ₹2 lakh had already been withdrawn.

The mechanics behind the scam

Experts say this kind of malware is designed to exploit system permissions. Once inside the device, it reads banking messages, intercepts OTPs, and even executes transactions remotely. In some cases, the fraudsters follow up with a phone call, encouraging the target to check the photo—sealing the trap.

A new breed of cyber threat

While link-based scams and phishing attacks are familiar territory, this shift to image-based malware marks a more insidious evolution. Similar tactics were used in previous fraud campaigns, including one that circulated APKs disguised as wedding invitations. Now, the same playbook is being repurposed with photo-based deception.

What users should do to stay secure

Authorities and cybercrime experts urge users to take several precautionary steps. First, avoid downloading any images or files sent by unknown contacts—regardless of how harmless or emotional the message may seem. Second, disable automatic media downloads on messaging apps like WhatsApp. Third, never install APK files from outside trusted app stores, even if shared by someone you know. And finally, ensure your device is regularly updated with the latest security patches, and protected by a reputable antivirus application.

Logo
Download App
Play Store BadgeApp Store Badge
About UsContact UsTerms of UsePrivacy PolicyCopyright © Editorji Technologies Pvt. Ltd. 2025. All Rights Reserved