New Year scam alert: As the New Year 2026 celebrations come closer, cybercrime authorities have issued a fresh warning for Indian citizens. The advisory warns about the increase in scam links shared in the name of festive greetings on popular messaging platforms like WhatsApp and Telegram.
According to officials, scam messages often arrive in the form of digital greeting cards, virtual gifts, or year-end rewards. These messages are usually written in a friendly and celebratory tone and prompt the users to tap the link to view a greeting or claim a surprise. In many cases, the message seems to be forwarded by familiar contacts or shared in family and office groups, making them harder to suspect.
Cybercrime teams say the threat begins once a user clicks the link. Instead of opening a greeting, Android users are prompted to download a malicious APK file. Once installed, the malware runs silently in the background and can access sensitive data stored on the phone, including banking information, OTPs received via SMS, photo galleries, and contact lists.
Also read: Apple iPhone 17 Pro price drops by over Rs 14,000: How to get this deal
The authorities have also warned that malware can hijack a victim’s WhatsApp account and automatically forward the same scam link to contacts, allowing them to spread rapidly during the festive season. As per the officials, these scams exploit trust rather than fear, as people are more likely to open links shared within known groups.
Cyber officials have urged users to remain cautious and avoid clicking on links that require installing apps just to view greetings. They recommend sticking to plain text messages, images, or videos from trusted contacts and downloading apps only from official app stores. Enabling features such as WhatsApp’s two-step verification can also help reduce risk. Additionally, we advise you to disable the automatic download of media files.
In case a user accidentally clicks on a suspicious link, experts advise immediately disconnecting the phone from the internet, uninstalling unknown apps, and informing the bank if financial details may have been compromised. Victims are encouraged to report incidents promptly by calling the cybercrime helpline 1930 or filing a complaint on the national cybercrime reporting portal.