A simple photo download from an unknown WhatsApp contact cost a Maharashtra man to lose over ₹2 lakh.The image, which appeared to be of an elderly man, turned out to be part of a sophisticated scam. .

Pradeep Jain, the victim, first received a call from an unknown number, followed by a WhatsApp message with the photo and a question: “Do you know this person?” He initially ignored it, but after repeated calls, he decided to open the image around 1:35 PM.

That simple action compromised his phone. In just a few minutes, ₹2.01 lakh was taken from his Canara Bank account through an ATM in Hyderabad. To make matters worse, when the bank tried to verify the transaction, the scammers used a voice that sounded like Pradeep’s to trick the bank. This incident shows how dangerous it can be to open messages or files from unknown sources, even if they seem harmless.

Experts later found that the scam used a trick called LSB steganography. This trick hides harmful code inside normal files like pictures, songs, or documents. Unlike regular viruses that get noticed by antivirus programs, these files look safe. The harmful code stays hidden until you open the file, and that’s when it becomes active.

Neehar Pathare, Managing Director at 63SATS, explained that steganography hides harmful code inside tiny bits of data in a file. This makes it hard for regular security systems to detect the malware, so both users and antivirus software often miss it. To find such threats, special tools are needed.

Tushar Sharma, cyber expert and co-founder of TOFEE, said that images use red, green, and blue colour channels to display visuals. Hackers can hide malware in any of these channels, or even in the alpha channel, which is responsible for transparency. When the infected image is opened, the malware secretly installs itself and can steal personal information like bank details and messages. Pathare added that once the file is opened, the hidden instructions run without triggering any alarms, letting the hackers work undetected.

Common file types used in these attacks include .jpg, .png, .mp3, .mp4, and PDF. These files are shared frequently on platforms like WhatsApp and often appear harmless, making it easier for them to slip through without raising suspicion. Unlike traditional scams that use phishing links or fake login pages, these attacks hide the harmful code inside files that people typically trust.

Cybersecurity experts say taking a few simple steps to protect yourself from these attacks. These include:

1. Avoid downloading files from unknown contacts.

2. Turn off auto-download features on WhatsApp.

3. Keep your phone updated with the latest security updates.

4. Never share your One-Time Password (OTP).

5. Limit who can add you to WhatsApp groups.

6. Activate “Silence Unknown Callers” to reduce unwanted calls.

A spokesperson from WhatsApp mentioned that they are aware of these evolving scams and have built tools to help users stay safe. They recommend being cautious when interacting with unknown contacts, using features like context cards to verify the identity of new senders, and blocking or reporting suspicious accounts. Always avoid downloading media or clicking on links from untrusted sources.

 

You might also be interested in - Mumbai woman loses ₹20 crore in cyber fraud over fake Aadhaar misuse call