Viral MMS Scam: Who Is Sarah Baloch? Pakistani Influencer Caught In Deceptive ‘Assam’ Cyberattack, Sparks Online Safety Alert – Here’s What We Know

A fresh wave of phishing attacks is targeting Indian social media users through a so-called “viral MMS” controversy falsely linked to Pakistani influencer Sarah Baloch. Cybercriminals are circulating sensational posts about a fabricated “Assam incident,” luring users into clicking malicious links designed to steal personal data and compromise devices.

Cybersecurity experts have issued an urgent advisory, warning that the trending content is part of a coordinated phishing campaign crafted to exploit regional curiosity and viral sharing habits.

Who Is Sarah Baloch? Why Is Her Identity Being Misused?

Sarah Baloch is a Pakistan-based content creator known for lifestyle, fashion and travel content across Instagram and TikTok. With a substantial follower base and high engagement rates, her public profile makes her a convenient target for online clickbait schemes.

In the current scam, fraudsters have reportedly repurposed old or unrelated visuals of the influencer and paired them with provocative headlines. The misleading packaging helps the content spread rapidly through WhatsApp forwards, Facebook suggested feeds and other social platforms.

There is no verified evidence linking Baloch to the alleged incident. Her name and image appear to be used without consent purely to increase click-through rates and credibility for the scam.

The ‘Assam’ Angle: How The Phishing Trap Works

Experts say the campaign uses “localisation” tactics, inserting references to Assam to make the story appear regionally relevant and urgent for Indian users.

Here’s How The Scam Typically Unfolds-

The Hook: A blurred or sensational thumbnail featuring the influencer is combined with captions such as “Shocking news from Assam” or “Assam viral video incident.”

The Redirect: Instead of leading to a legitimate news report, the link pushes users through multiple suspicious domains.

The Payload: Victims are prompted to “verify age” by entering social media credentials or unknowingly allow background installation of adware or spyware. In some cases, login information is harvested for account hijacking or financial fraud.

Red Flags: How To Identify A Fake Viral Link

Cyber experts highlight several warning signs:

Context mismatch: An influencer from another country being tied to a sudden local scandal is often a strong indicator of manipulation.

Suspicious URLs: Authentic news outlets use verified domains. Scam links often rely on shortened URLs or strange web addresses.

‘Share to Unlock’ Tactic: Any site asking users to forward the link to multiple WhatsApp groups before accessing content is likely a viral scam mechanism.

What To Do If You Clicked The Link

If you have interacted with such content, immediate action can limit potential damage:

• Do not forward the message. Delete it and alert the sender that it may be malicious.
• Clear browser cache and cookies after closing the suspicious tab to remove potential tracking scripts.
• Review app permissions in your phone settings and revoke access granted to unknown applications.
• Enable two-factor authentication (2FA) on social media, email and banking apps to prevent unauthorized access even if login credentials are compromised.

As phishing campaigns grow more sophisticated, experts stress that digital awareness is the first line of defence. Viral content combined with emotional or sensational headlines is often engineered to override caution, making verification and restraint critical in preventing cyber fraud.

ALSO READ: Ramadan 2026: Sehri Time Today on February 21, Check City-Wise Timings in Delhi, Lucknow, Mumbai, Hyderabad and Major Cities