It’s wedding season in India, and with digitalisation, more and more e-invites are coming onto WhatsApp- being an easy mode to inform relatives and friends. But with tech being a help, could also be a dangerous mode, as scammers have discovered this new way of stealing data and hacking the phones of the users.
The cybercriminals are reportedly exploiting a wedding invitation scam which looks like a simple wedding invitation link on your smartphone app, which could lead to a gateway for a cyberattack, risking all your data stored in the device.
Fake wedding invite
Himachal Pradesh Police have alerted citizens about this latest scam. Cybercriminals send fake wedding invitations via WhatsApp as malicious APK files.
How does this scam trigger?
Once the user downloads the e-invitation card on their smartphone, the file will infect the device with malware, giving hackers full access to your device. Attackers will be able to steal user’s personal data, send messages from the infected device, and even attempt extortion—all without the victim’s awareness.
How does the Wedding Invitation scam work?
- The scam usually starts with a WhatsApp message from an unknown number which acts like a relative sharing a wedding invite.
- The message will include an attachment which will appear harmless but it indeed is a ‘harmful APK file’.
- If the user downloads the file, it will install a malicious app on the phone, which will immediately start accessing all your sensitive data, monitor your activities and potentially take control of the device.
- In more advanced cases, hackers have been using the compromised device to send messages to the victim’s contacts, pretending to be the owner of the number and requesting money or any other sensitive information.
- This type of attack can result in serious financial and personal losses for unsuspecting users.
Cybersecurity alert: Be cautious with unknown files
Himachal Pradesh Cyber Police have issued a warning for the residents of the area to be alert and cautious when they receive any wedding invitation over a WhatsApp message from unknown numbers, especially if they contain any attachments.
It is important to avoid downloading files from unknown senders, especially APK files, as these are often used to spread malicious apps.
DIG Mohit Chawla, of Himachal Pradesh’s State CID and Cyber Crime Department, emphasized the need for vigilance.
He advised, “If you receive an unsolicited wedding invitation or any file from an unknown number, do not click on it. Verify the sender and ensure the file is legitimate before downloading anything onto your phone.”Chawla also noted that even files from known contacts should be checked if they seem unusual, as the sender’s device could also be compromised.
ALSO READ: Beware! New scam using TRAI’s name could drain your bank account
What to do if you are targeted by cybercriminals
- If you fall victim to this or a similar cyber scam, then authorities will advise quick action.
- You could also report cyber fraud by calling 1930, the national cybercrime helpline, or by visiting the official government portal at cybercrime.gov.in to file a complaint.
- Authorities have also raised concerns about other online scams on the rise, including fraudulent loan offers that claim to offer fast cash but steal financial data, leading to identity theft and financial loss.
- Also, do not forget the number details on the Chakshu portal.
How to stay safe in the Digital World
- To stay safe and protected from falling prey to cyber fraud, experts have recommended practising caution and awareness:
- Avoid clicking on unfamiliar links or downloading unsolicited files.
- Always verify the authenticity of online communications before taking action.
- Be cautious even with familiar contacts if messages or attachments seem unusual.
As cybercriminals become more sophisticated, it’s crucial to stay informed and vigilant.
Awareness is the best defence against online scams and helps ensure you and your data stay safe in an increasingly digital world
ALSO READ: After digital arrest, online share market scam is growing rapidly: How to be safe?