Cybercriminals can leverage this scam to steal your personal and banking data, compromise user privacy, and install malware on the phone.
Scammers are said to be targeting users via SMS or a WhatsApp message
Photo Credit: Pexels/ Anton
Cybercriminals are once again exploiting the festive mood, as we head into the new year, to target unsuspecting smartphone users in India. A new scam is said to be doing the rounds, which claims to let users create personalised New Year greeting cards. But instead, it delivers a malicious APK file which can compromise smartphones to steal personal information, cause financial losses, and compromise user privacy. The advisory, issued by the Hyderabad Cyber Crimes Unit, mentions that the fraudulent links are being widely circulated via WhatsApp, SMS, and social media platforms.
According to the advisory, the New Year greeting scam is designed to prey on unsuspecting users who simply want to share New Year wishes with friends and family. Users typically receive a message via SMS or WhatsApp, which prompts them to tap a link to generate a personalised New Year greeting card with their name or photos.
If the user clicks on the link, they are redirected to a webpage that prompts them to download an APK file, which is disguised with festive names such as Happy New Year.apk. While it may appear harmless, installing the APK can inject malware and give threat actors access to sensitive information stored on the device, turning a simple attempt to send a New Year greeting into a financial and privacy risk with serious consequences.
As per the Hyderabad Cyber Crimes Unit, cybercriminals can leverage this scam to steal your personal and banking data, compromise user privacy, install malware on the phone, and even provide cybercriminals control of the device.
To mitigate such scenarios, users are advised to:
If users suspect they have encountered or fallen victim to the New Year greeting scam, they are recommended to contact the national cybercrime helpline at 1930 or file a complaint online via the cybercrime.gov.in portal. Prompt reporting can help limit financial losses and aid investigations, as per the cybercrimes unit.
In recent weeks, security researchers have also warned about another cyber campaign called GhostPairing. It is claimed to allow attackers to silently take over WhatsApp accounts without compromising passwords or attempting SIM-swapping techniques. As per reports, it exploits the device linking capability of WhatsApp to trick users into approving a malicious device linkage.
While device linking usually happens via either QR code or numeric pairing code, researchers suggest that the latter is more common.
This usually begins with a short message received by users from a contact, which contains a link directing them to a Facebook photo. Once clicked, it redirects them to a spoofed Facebook login page that asks for their login credentials, such as a phone number. The next screen allegedly shows a numeric code, with instructions guiding them to enter it on WhatsApp. Instead, the attacker's browser gets added as a linked device to the victim's account.
Catch the latest from the Consumer Electronics Show on Gadgets 360, at our CES 2026 hub.