Ahmedabad: When a 50-year-old accountant from Nikol received a WhatsApp message from his employer containing ‘RTO E-challan.apk’ file, he thought it was an official message regarding a traffic memo and installed the file. The moment he entered his name and mobile number, he received a message about money being debited from his account. He immediately deleted the app, but it was already too late. Within 24 hours, he lost Rs 10.7 lakh to cybercriminals. The victim told Cybercrime police that he frequently operated his bank accounts through mobile banking apps. The complainant, who works with a private firm in Vatva GIDC, said, “The fraud began on Feb 19 when I received the message from my employer. I deleted the app the second I realised it was a malicious app. However, the following day, I received multiple banking alerts. I contacted my bank and found that the cyberfraudsters had gained unauthorised access to my mobile phone and banking credentials.“Police said, “Clicking on malicious APK files gives cybercriminals the remote access to victims’ devices, enabling them to steal banking credentials and intercept OTPs.”In this case, cybercriminals allegedly used the compromised access to take an instant loan of Rs 5.3 lakh and an additional instant loan of Rs 4.5 lakh in the victim’s name. The amount, along with existing funds, was then siphoned off in multiple transactions — Rs 5 lakh, Rs 2.6 lakh, Rs 2.5 lakh and Rs 60,000 from a joint account held with his mother — totalling Rs 10.7 lakh.The complainant immediately contacted the cybercrime helpline and later approached the bank to obtain statements confirming the fraudulent transactions. The Cybercrime police registered a case on Monday against unknown persons under relevant sections of cheating and forgery under the Bharatiya Nyaya Sanhita and provisions of the IT Act.
