Think Twice: 19-Minute Viral Video Scam; Clicking That Link Could Empty Your Bank Account

Experts have identified a new scam that exploits user curiosity through a deceptive video link. When clicked, the link does not lead to actual content but instead triggers a series of pop-ups and advertisements that encourage users to keep interacting. Meanwhile, malware installs in the background, gaining the necessary permissions to access banking apps on the user’s device.

Once this Trojan is embedded, it can intercept one-time passwords (OTPs), read messages, capture login credentials, and generate fake login screens that closely mimic legitimate banking interfaces. This allows attackers to stealthily collect sensitive information entered by the user. Notably, because the malware can also intercept SMS messages, traditional OTP-based authentication becomes ineffective, posing significant risks to users’ accounts.

The final phase of the scam involves draining the user’s bank account without their knowledge, as the malware can overlay its fake interface over the actual banking app when opened. This method has become a more common form of digital phishing, as it relies solely on clickbait rather than file attachments.

Cybersecurity experts advise users to refrain from clicking on unsolicited video links across messaging platforms like WhatsApp, Telegram, and Instagram, especially those that promise sensational content. Regularly updating devices, avoiding unknown applications, and closely monitoring banking transactions are also recommended preventive measures.