Steganography Cyber Scam: The Invisible Code Stealing Data and Money from People
A rising cybercrime trend in India that uses invisible malware inside images and videos shared through Social Media Apps to Scam People
Muqeet Mubashir
A new kind of cyber scam is spreading across India, and it’s leaving people shocked and helpless. This scam uses a clever trick called steganography, where hackers hide harmful computer code inside normal looking photos, videos, or audio files.
What is Steganography?
Steganography means hiding secret information inside ordinary files like images or songs. To most people and even to many antivirus programs, these files look completely normal. But once the file is opened or downloaded, the hidden code runs in the background, often without the user ever knowing.
It’s different from encryption, where data is scrambled into unreadable code. In steganography, the data is hidden, not scrambled, making it even harder to detect.
How the Scam Operates?
These scams typically follow a pattern:
In initial contact, the victim receives a message from an unknown number or mail through WhatsApp, Telegram or e-mail, often accompanied by a seemingly harmless image or media file.
Scammers may follow up with calls or messages, urging the victim to open the file under various pretenses, a process called Social Engineering.
Once the file is opened, the embedded malware activates under disguise, granting the attacker access to the victim’s device.
It ends up stealing Personal Data, such as passwords, photos, and messages. It can also access bank apps and financial details. Sometimes, it can even record calls or track locations, leading victims to financial theft and identity fraud.
Several cases have been reported across India where people got tricked by this recently emerged scam.
In Maharashtra, Pradeep Jain, a 28-year-old man, received a WhatsApp message from an unknown number containing a photo of an elderly man and the question, “Do you know this person?” After repeated calls, Jain downloaded the image. Within minutes, Rupees 2.01 lakh were withdrawn from his Canara Bank account via an ATM in Hyderabad. Alarmingly, when the bank attempted to verify the transaction, the scammers mimicked Jain’s voice to authorize it.
Similarly, in Madhya Pradesh’s Jabalpur, a man lost approximately an amount of 2 lakh after downloading an image sent via WhatsApp from an unknown number. The message requested help identifying someone in the photo. Upon opening the image, malware compromised his device, leading to unauthorized bank transactions.
This is not an isolated incident. Similar cases have been reported in many states. Police and cybercrime units in cities like Delhi, Hyderabad, and Ahmedabad have also received complaints where people lost money or had their private data stolen after clicking on unknown media files.
Why is this so Dangerous?
These files look normal, like any photo or video you would share with family members or friends.
Most antivirus software cannot detect the hidden code.
The attack happens in disguise without the victim noticing.
Once infected, the device can be controlled by the hacker.
Preventive Measures advised by Cybersecurity Experts to reduce the risk of getting Scammed:
Avoid unknown senders and do not open messages or download files from unknown or unverified contacts.
Disable Auto-download by adjusting Social Media App settings to prevent automatic downloading of media files.
Keep software updated, as regularly updating your device’s operating system may enhance applications to patch security vulnerabilities.
Use reliable security software, antivirus or anti-malware programs that can detect and neutralize threats.
Be cautious with personal information. Never share sensitive information like OTPs or passwords over messaging platforms.
Report such incidents to cybercrime authorities or to the official cybercrime portal: https://cybercrime.gov.in
Steganography is not a fiction anymore, it’s a real and rising cyber threat in India. Hackers are using it to silently invade smartphones, steal bank details, and ruin lives.
In this digital age, your best defense is awareness. Don’t trust every file you receive. Don’t open what you don’t expect. And most importantly, think before you click.
“It’s not always what you see that harms you. Sometimes, it’s what you don’t.”
Author can be mailed at muqeetmubashir111@gmail.com