Chandigarh: A Sector 44 resident has fallen victim to a sophisticated “APK” scam, losing almost Rs 5.5 lakh after downloading a fraudulent traffic fine application sent via WhatsApp.The incident highlights a growing trend of cybercriminals using official-looking govt “e-challans” to install malware on mobile devices, allowing them to intercept personal data and financial credentials. On Feb 27, Mandeep Singh received a message from an unknown number claiming he had a pending traffic violation. The message contained an Android Package Kit (APK) file labelled “E-Challan.”
The man downloaded the file to review the alleged fine. Although he became suspicious and deleted the application shortly after, the malware had already compromised his device. The breach went unnoticed for several hours until he began receiving a flurry of one-time password (OTP) messages from various online retailers.It was at 2.30pm that he downloaded the malicious APK file, and at 8.30 pm, these multiple OTP messages began arriving, signalling unauthorised login attempts. At 10pm, Mandeep Singh’s son discovers the malware in the phone’s notification history and removes the hidden application. By the time the app was deleted, the fraudsters had already bypassed security measures to access Mandeep Singh’s credit cards.Financial Impact and Delhi LinksThe attackers targeted two separate accounts to make high-value purchases on a major e-commerce platform. Mandeep’s ICICI Bank credit card was swapped for more than Rs 4.5 lakh and his SBI credit card for almost Rs 95,000. Investigations have revealed that the suspects added three delivery addresses in Delhi — specifically in the Karawal Nagar, Dayalpur, and Bhajanpura areas — to the victim’s shopping account to receive the illicitly purchased goods.The cybercrime police station in Sector 17 has registered a case against unidentified suspects. While no arrests have been made, investigators are trailing the digital signatures of the transactions and the delivery locations in Delhi. “The victim acted correctly by blocking his cards and informing the banks immediately,” a police spokesperson said. “We are working to identify the individuals behind the Delhi-based delivery addresses.“Cyber Security TipPolice authorities advise mobile-phone users never to download files from unknown sources and to remember that official govt agencies rarely send legal notices or payment links via WhatsApp. MSID:: 129210145 413 |
