In the digital age, cybercriminals are becoming increasingly innovative, finding new ways to deceive unsuspecting victims. A recent incident from Jabalpur, Madhya Pradesh, highlights a shocking new method of fraud that uses WhatsApp images to hack smartphones and steal money directly from bank accounts.
A local man became the latest target of this sophisticated scam when he received a photo from an unknown number on WhatsApp. Believing it to be harmless, he downloaded the image. Within minutes, his phone was compromised and ₹2.01 lakh disappeared from his bank account.
This alarming scam is being called the “WhatsApp Image Scam.” Cybersecurity experts warn that this type of fraud works similarly to a Trojan Horse attack. The seemingly innocent image file actually contains malicious code. Once downloaded, the malware silently installs itself on the victim’s phone, giving hackers remote access to the entire device, including sensitive financial apps and data.
According to cybersecurity specialist Ishan Sinha, even common image formats like JPEG, PNG, and GIF can be embedded with harmful scripts. This isn’t just limited to WhatsApp — users of Telegram, Facebook Messenger, and even email platforms are also at risk.
Once the malicious file is downloaded:
The malware activates in the background.
Hackers gain control over the device.
They can access banking apps, UPI platforms, and extract sensitive information.
Funds are transferred out within minutes, often before the user even realizes something is wrong.
With such attacks on the rise, it’s crucial to stay informed and take preventive steps. Here are essential safety measures recommended by experts:
If you receive a file or image from an unfamiliar number, do not open or download it. Delete it immediately.
Go to Settings > Storage and Data, and disable auto-download for photos, videos, and documents under mobile data, Wi-Fi, and roaming.
Always use the latest version of your phone’s operating system and apps. Updates often contain critical security patches.
If you notice your phone slowing down, battery draining unusually fast, or unfamiliar apps appearing, your device may be compromised.
Restart your phone in Safe Mode (available in Android).
Delete suspicious apps manually.
On iPhone, uninstall unwanted apps directly.
Clear your browser history and cache regularly.
Activate 2FA on all financial platforms, including UPI apps and bank accounts. This adds an extra layer of protection against unauthorized transactions.
Cybercriminals often use QR codes or misleading links as bait. Don’t fall for them, especially if sent via SMS or messaging apps.
This incident from Jabalpur is a stark reminder that even a simple image can lead to significant financial loss. As technology continues to evolve, so do the tactics of cybercriminals. But with increased awareness, digital hygiene, and timely action, you can stay one step ahead of the fraudsters.
If you believe your phone has been hacked or your account compromised, contact your bank and local cybercrime authorities immediately. Swift action can prevent further damage.
