Overview
- Telangana Police and the TGCSB report festive messages on WhatsApp and Telegram that pose as greetings or gifts but deploy malware to capture OTPs, banking data and app access.
- NCCIA and TGCSB say compromised accounts often auto‑forward the same link to contacts and group chats, which accelerates the spread of the scam.
- Users are urged to avoid unfamiliar links, never share verification codes or OTPs, enable two‑step verification and install apps or updates only from official stores.
- If an account is hijacked, authorities advise uninstalling and reinstalling WhatsApp to re‑register via SMS, noting a potential wait of up to seven days if a two‑step PIN is active.
- People who clicked a suspicious link should disconnect from the internet, remove unknown apps, alert their bank immediately and in India report to the 1930 cybercrime helpline or the national portal.