If you’ve received a WhatsApp alert in recent days claiming that “they’re going to upload some photos of the earthquake” and that a supposed file called “Ondas Sísmicas CARD” can hack your phone in “10 seconds,” here’s the key point: there’s no evidence that this malicious file exists, and fact-checkers who have reviewed the message consider it a recurring hoax. The chain spread widely after the earthquake that hit Japan on January 1, 2024, but the same text—with minor tweaks—had already circulated before by piggybacking on other tragedies.
The pattern is so familiar that, if you follow cybersecurity news, you can almost predict the script: urgency, “they said it on TV,” a request to forward it “to family and friends,” and zero links to official sources. Is it really plausible that a hack “can’t be stopped in any way” and nobody—neither institutions nor the media—leaves any trace of the warning? That’s exactly why it’s worth understanding what’s going on and how to spot these chain messages so you don’t amplify them.
What the message says—and why it doesn’t add up
The WhatsApp chain claims that a file with earthquake-related images is going around (it mentions Japan and also Morocco) and warns you not to open it because it supposedly takes over the phone in just 10 seconds, while insisting the damage would be impossible to stop. To look like a “serious warning,” it also suggests the alert was issued on television and pushes you to share it immediately.
The problem is that it doesn’t provide any evidence: it doesn’t identify a reliable sender, it doesn’t link to an official statement or a warning from a cybersecurity agency, and it includes no verifiable details beyond the supposed file name. VerificaRTVE says there is no record of a photo file called “Ondas Sísmicas CARD” infecting phones, and Maldita.es explains that the chain is identical to others that have already been debunked—which fits a common tactic: reusing the same text and changing the “hook” to match whatever is in the news.
Spain’s National Cybersecurity Institute (INCIBE) had previously pointed out that this type of message “is usually a hoax”. They also highlight red flags that should set off alarms: an anonymous origin, no official references, and an urgent tone designed to make you react before checking anything. In other words, the chain is built to spread—just like a message labeled “forwarded many times” that ends up jumping from WhatsApp to platforms like X or Facebook.
A recycled hoax: the name changes, not the structure
What matters most here isn’t the “Ondas Sísmicas CARD” name, but the mechanics. Maldita.es and VerificaRTVE note that we’ve been seeing near-identical versions of the same story for years: alleged photos or videos that “hack your phone in 10 seconds,” typically appearing after natural disasters or conflicts. In 2023, for example, an identical chain was already debunked in connection with the Morocco earthquake, and another tied to a quake in Cariaco (Venezuela). At other times, the bait has changed—from “combat photos” in a war context to images attributed to volcanoes—always with the same apocalyptic tone.
Even during the pandemic, similar messages circulated using names that referenced countries and supposed achievements—a way of latching onto viral conversations to gain reach. And this pattern isn’t limited to Spain: fact-checking outlets in other countries have also had to dismantle similar chain messages, reinforcing the idea that we’re dealing with a reusable template, not a specific technical incident.
It’s telling that the message tries to dress up the lie with supposed authority (“they warned about it on TV”) while providing no traceable reference. In today’s ecosystem, where any real alert ends up echoed by official channels and specialized outlets, that lack of footprint is a strong sign. It’s the kind of chain that tries to slip in through the same place where you share photos, links, and memes… and where we sometimes let our guard down because we’re “among people we know.”
What to do if you receive it—and what to learn from this false alert
If a message like this lands in your chat, the priority is simple: don’t forward it. Even if your goal is to “warn people,” the real effect is to fuel misinformation and flood your contacts with an unfounded alarm. The most helpful response is to stay calm and ask for an official source; in many cases, simply requesting a link to a recognized organization exposes how flimsy the hoax is.
VerificaRTVE also reminds readers that it’s not true that downloading “some photos” gives someone control of your phone in 10 seconds. In a previous fact-check, cybersecurity expert Juan Carlos García explained that infection doesn’t work on a movie-style countdown and that, in addition, it’s difficult to get infected through WhatsApp; in his analysis, infections more often come from installing an app or clicking a fraudulent link. In other words, the real threat is usually more mundane and less dramatic—but that’s precisely why it’s better to focus on concrete habits: distrust odd links, avoid out-of-context installs, and be wary of any message demanding absolute urgency.
The best takeaway here is almost “geek mode”: treat warnings like a bug report. Who issued it? Where’s the evidence? Is there confirmation from a reliable source? If the answer is “no one” and “nothing,” the responsible move is to stop the chain. Because, in the end, the hoax isn’t trying to exploit a vulnerability in your phone—it’s exploiting a much more common one: our tendency to share quickly when a message is wrapped in alarm and tragedy.
