Christmas WhatsApp scams surge as cyber police issue alert

As Christmas 2025 celebrations gather momentum across India, cybercrime units have flagged a sharp spike in WhatsApp scams disguised as festive greetings, surprise gifts and cashback offers. Authorities warn that fraudsters are exploiting holiday cheer to trick users into clicking malicious links that can drain bank accounts within minutes.

Cyber police say the scam is spreading rapidly through WhatsApp forwards, often appearing to come from friends, relatives or trusted contacts whose accounts may already be compromised.

How the Christmas WhatsApp scam works

The scam typically begins with cheerful messages such as “Merry Christmas! You’ve received a gift” or “Christmas bonus waiting for you”. These messages include shortened or masked links promising gift vouchers, shopping coupons, cashback or even cash rewards.

Once clicked, users are redirected to fake websites designed to closely resemble popular brands, banks or payment platforms. Victims are asked to enter mobile numbers, personal details or banking information, or are prompted to install an app or grant permissions.

In several cases, clicking the link installs malware that allows fraudsters remote access to the phone, enabling them to read OTPs, access banking apps and carry out unauthorised transactions.

Why festivals are prime targets

Cyber experts explain that festivals like Christmas are ideal opportunities for scammers. People are more relaxed, distracted and emotionally engaged during celebrations, making them less vigilant.

Fraudsters also use urgency as a weapon, warning that offers will “expire today” or must be claimed immediately. This pressure often causes users to bypass basic verification checks.

Common red flags users should not ignore

Messages offering free money, gifts or vouchers without any participation are almost always fake. Requests for OTPs, card details, app downloads or permissions via WhatsApp links are major warning signs.

Spelling errors, unfamiliar website addresses and messages urging users to forward links to multiple contacts are also common indicators of scams.

How to stay safe this festive season

Cyber police advise users never to click on unknown or suspicious links, even if they appear to come from someone they know. Always verify directly with the sender before opening festive offers.

Avoid entering banking details, CVV numbers or OTPs on unfamiliar websites. Enable two-step verification on WhatsApp and regularly review linked devices for unknown sessions.

If a suspicious app is installed accidentally, disconnect from the internet immediately, uninstall the app and inform your bank to block transactions.

What to do if you are targeted

Victims should immediately contact their bank and dial the national cybercrime helpline 1930. Complaints can also be registered on the official cybercrime portal.

Cyber police stress that swift reporting significantly improves the chances of freezing fraudulent transactions and minimising losses.

As festive greetings flood inboxes, authorities urge citizens to stay alert. A moment of caution can prevent a Christmas message from turning into a costly mistake.