Police Warn: Festive New Year Greeting Links Used to Hack Smartphones via “ClickFix” Scams

As people exchange New Year wishes across WhatsApp, Telegram, and SMS, law-enforcement and cybersecurity agencies have issued urgent alerts about a fast-spreading scam pattern now commonly referred to as “ClickFix” scams. Cybercrime units, including India’s Telangana Cyber Security Bureau, warn that these attacks are designed to look harmless and festive—but can silently compromise your smartphone within minutes.

Below is a breakdown of what these scams look like, what happens behind the scenes, how attackers exploit devices, and what you should do immediately.


What Is the “ClickFix” New Year Scam?

“ClickFix” scams are social-engineering attacks disguised as cheerful New Year greetings such as:

  • “Happy New Year! See your surprise message”
  • “You’re on my 2026 greetings list — click to view!”
  • “New Year Card waiting for you”

These messages usually:

  • Come from unknown numbers, hacked accounts, or sometimes even known contacts
  • Contain a shortened or fake link
  • Urge you to act quickly (“only today”, “don’t miss it”)

Once clicked—or worse, followed step-by-step—they open the door for malware or account takeover.


How the Scam Actually Works (Step by Step)

1. The Bait: Festive Greeting Link

The link leads to:

  • A fake greeting card website
  • A page that looks like WhatsApp, Google, or a video player
  • A “message failed—fix required” screen

This is where the scam gets dangerous.


2. The “ClickFix” Trick: You Are Asked to Fix Something

Instead of automatically installing malware, many newer scams do something smarter:

  • The page asks you to copy a command
  • Or to enable a setting
  • Or to paste text into your phone, browser, or system prompt

Examples:

  • “To view the greeting, copy this code and paste it”
  • “Enable permissions to fix playback”
  • “Allow accessibility for full message”

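This sidesteps security warnings because you are the one performing the action: protections that block automatic installs do not stop a command you paste or a permission you grant yourself.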


3. What Happens After That? (The Real Damage)

Once the malicious command or permission is applied, attackers can:

Take Control of Your Phone

  • Read SMS messages (including OTPs)
  • Access WhatsApp and Telegram chats
  • Record keystrokes and screen activity

Steal Accounts

  • Hijack WhatsApp/Telegram accounts
  • Reset Gmail, Instagram, Facebook passwords
  • Use your number to scam others

Financial Fraud

  • Intercept bank OTPs
  • Access UPI apps and wallets
  • Make unauthorized transactions

Spread the Scam Further

  • Automatically send the same New Year greeting to:
    • Your contacts
    • Family WhatsApp groups
    • Office groups

This is why these scams spread so fast.


Why These Scams Are Hard to Detect

  • No obvious virus pop-up
  • No app download in many cases
  • Uses human behavior, not technical exploits
  • Appears festive, friendly, and timely
  • Often sent from already-hacked trusted contacts

Warning Signs You Should Never Ignore

  • Messages that push urgency
  • Links with random letters/numbers
  • Requests to:
    • Copy & paste commands
    • Enable accessibility or admin permissions
    • “Fix” a message manually
  • Greetings that open outside official apps
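
The warning signs above can be expressed as a simple message-triage heuristic. This is an added example, not code from the original article or from any police advisory: the phrase lists reuse the article's sample wording, while the shortener list, the "random-looking" rule, the sign labels and the sample messages are constructed assumptions.

```python
import re
from urllib.parse import urlparse

# Phrases come from the article's examples; the shortener list is an assumed sample.
URGENCY = ("only today", "don't miss", "hurry", "expires")
FIX_REQUESTS = re.compile(
    r"copy (this|the) (code|command)|paste (it|this)|fix (required|playback)"
    r"|(enable|allow) (accessibility|permissions?|admin)")
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "is.gd"}  # assumption, not exhaustive
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)


def looks_random(path):
    """Heuristic: a token with digits that keeps switching lower/upper/digit."""
    for token in re.findall(r"[A-Za-z0-9]{6,}", path):
        kinds = ["d" if c.isdigit() else "u" if c.isupper() else "l" for c in token]
        switches = sum(a != b for a, b in zip(kinds, kinds[1:]))
        if "d" in kinds and switches >= len(token) // 2:
            return True
    return False


def warning_signs(message):
    """Return the sorted warning-sign labels that a message text matches."""
    text = message.lower().replace("\u2019", "'")  # normalise curly apostrophes
    signs = set()
    if any(phrase in text for phrase in URGENCY):
        signs.add("urgency")
    if FIX_REQUESTS.search(text):
        signs.add("fix-request")
    for url in URL_RE.findall(message):
        parsed = urlparse(url)
        if re.sub(r"^www\.", "", parsed.hostname or "") in SHORTENERS:
            signs.add("shortened-link")
        if looks_random(parsed.path):
            signs.add("random-looking-link")
    return sorted(signs)


# Constructed sample messages; example.test is a reserved, non-routable name.
SAMPLES = [
    "Happy New Year! See your surprise message http://example.test/x7Kq29ZbT only today",
    "To view the greeting, copy this code and paste it. Enable accessibility for full message",
    "Happy New Year to you and the family! Dinner on Saturday?",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(warning_signs(sample) or ["no warning signs"], "<-", sample)
```

A match is a reason to stop and verify with the sender through another channel, not proof of malice, and an empty result does not mean a link is safe.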

What You Should Do Immediately

If You Receive Such a Message

  • Do NOT click the link
  • Do NOT reply
  • Delete the message
  • Report it inside WhatsApp/Telegram

If You Already Clicked the Link

  • Do not copy or paste anything
  • Close the page immediately
  • Run a full phone security scan
  • Check app permissions (especially Accessibility)

If You Followed Instructions or Gave Permissions

  • Disconnect from the internet
  • Revoke suspicious permissions immediately
  • Change passwords for:
    • Email
    • WhatsApp
    • Social media
  • Inform your bank if financial apps were involved
  • Consider a factory reset if behavior seems abnormal

How to Protect Yourself Going Forward

  • Keep your phone OS and apps updated
  • Use official app stores only
  • Never trust greeting links—even during festivals
  • Educate family members, especially elders
  • Enable two-factor authentication everywhere

Final Takeaway

Cybercriminals know that festivals lower our guard. New Year greetings are being weaponized not with obvious viruses—but with psychological manipulation. If a message asks you to fix, copy, paste, or enable something, it’s not a greeting—it’s a trap.

When in doubt:

Don’t click. Don’t fix. Don’t forward.

Stay alert and start the New Year safe.


Aegiron

Backed by 11+ years in cybersecurity and incident response, we decode the latest threats shaping today’s digital battlefield. This blog cuts through the noise with clear insights on vulnerabilities, emerging exploits, and the cyber news defenders can’t afford to miss.