A new cyber scam circulating widely on social media and messaging apps is putting mobile users at serious financial risk. The ploy, disguised as a link to an allegedly “viral 19-minute video,” is the latest tactic used by cybercriminals to trap victims through social engineering.
Unlike suspicious files or email attachments commonly associated with malware, this threat relies purely on curiosity-driven clicks. The link — often shared through platforms like WhatsApp, Telegram, and other social networks — never leads to any video. Instead, it triggers a chain of malicious actions designed to quietly install an advanced banking trojan on the user’s device.
Once the user interacts with the fake landing pages, often filled with sensational ads and deceptive play buttons, the malware silently downloads in the background. Believing they are about to watch a leaked or controversial video, victims unknowingly grant permissions that allow the trojan to penetrate deep into the device.
The banking malware operates covertly. It commonly requests access to the phone’s Accessibility Services, masking itself behind seemingly harmless prompts. With this permission, the trojan gains near-complete control of the device.
When the user opens a legitimate banking app, the malware immediately overlays a counterfeit login page indistinguishable from the real one. Any details entered — passwords, PINs, or card numbers — are harvested and transmitted to the attackers.
Worse, the trojan can intercept SMS messages, including bank-issued OTPs and two-factor authentication codes. This allows cybercriminals to bypass security layers entirely, enabling unauthorized transactions and draining bank accounts before victims even realize what has happened.
Cybersecurity experts warn that the growing sophistication of such social-engineering schemes makes them harder to detect. The false promise of an exclusive, leaked video is proving to be a powerful psychological lure.
Authorities advise users to exercise strict caution and avoid clicking on unsolicited or sensational links, particularly those promising viral content. Vigilance, they emphasize, remains the strongest defense against evolving financial cyber threats.
👉 Click here to read the latest Gujarat news on TheLiveAhmedabad.com