Bengaluru: Cybercrooks, constantly devising new ways to target unsuspecting people and siphon money from their bank accounts, have now resorted to sending malicious APK files disguised as digital wedding invitations, leaving many residents in the city cheated out of their savings. Police said more than 10 such cases have been reported since April.Fraudsters send WhatsApp messages claiming to invite the recipient to a wedding ceremony. The message carries an APK file disguised as an invitation card with captions such as ‘Wedding Invitation.’ Curious recipients click on the file, and the APK file gets downloaded and installed without the victims realising that it is malicious software.Once installed, the APK file gains access to the victim’s mobile phone, including contacts, SMS, notifications, and banking applications. The malware can read OTPs, capture screen activity, and remotely operate the device. They use the stolen credentials to access online banking and siphon off money from the victim’s account.They target people by sending personalised messages using local names and profile pictures to make the invitation appear genuine. The malware also spreads automatically by sending the same APK file to contacts saved on the victim’s phone through WhatsApp.Joint commissioner of police (West) C Vamsi Krishna said the main objective of fraudsters is to gain access to a person’s phone through malicious APK files sent under various pretexts such as wedding invitations or other convincing stories. These APK files can access messages, calls, banking applications, recordings, and other sensitive data depending on how the application is designed.Krishna said people must follow multiple layers of security to stay safe. Users should disable the installation of applications from unknown or third-party sources and install apps only from trusted platforms such as the Google Play Store or Apple App Store. WhatsApp and Android devices also provide settings to restrict APK installations. Suspicious links can additionally be checked through online services such as VirusTotal before opening them.Krishna noted that warning signs of infection include unusual phone heating, rapid battery drain, unknown background activity, and microphone or camera indicator lights appearing unexpectedly. He also stressed the importance of enabling app-level security such as biometrics or PIN protection for banking and financial applications.He cautioned the public not to click on suspicious links, even if they appear to come from known contacts, and to verify such messages before opening them. Regular monitoring, strong app security, and awareness of suspicious activity are essential to remain safe in the digital world.Deputy commissioner of police (Crime-2) Raja Imam Kasim P said people should avoid clicking suspicious invitation links even if they are sent by known contacts, as the sender’s account itself may have been hacked. Once an APK file is downloaded and installed, it can automatically access the victim’s contacts and spread the same malicious link further.Kasim also stressed the importance of creating awareness among contacts. Users should take a screenshot of the APK message and post it on their WhatsApp status with a warning not to open it. They should clearly mention that they have no wedding or invitation and that any such message received in their name should be ignored.quoteJoint commissioner of police (West) C Vamsi KrishnaPeople must regularly check their phones for unfamiliar applications, running processes, and app permissions such as location, microphone, or camera access should be withdrawn when not required. Users should also uninstall, offload, or force-stop unused applications and make it a routine to inspect their phones at least once every few weeks.Deputy commissioner of police (Crime-2) Raja Imam Kasim PUsers should never open links from known, unknown, or suspicious sources. If they accidentally click on such a link, they should immediately put the phone on flight mode or disconnect internet connectivity to prevent any data from leaving the device. The phone should then be switched off and restarted. APK files do not install automatically after downloading; users still need to manually approve installation by pressing buttons or granting permissions. Therefore, users should avoid pressing any prompts or installation requests that appear after the download.InsetRecent incidentsFurniture shop owner lost Rs 5LNoor Nahid Khan, 42, a furniture shop owner from Nayandahalli, lost over Rs 5 lakh after clicking a fake wedding invitation APK file sent through WhatsApp. He received a WhatsApp message titled “Wedding APK File Invitation” on April 12. Unaware that it contained malicious software, he clicked on the APK file. His phone got compromised. On April 16, between 4.45am and 4.54am, cybercriminals siphoned off Rs 5,00,440 from his bank account through multiple UPI transactions. West Cyber Crime police have registered the case.Tailor lost over Rs 55kJayasanjeevalu, 62, lost around Rs 55,800. He received a wedding invitation message on WhatsApp from an unknown mobile number on April 30 around 8.15am. Soon after clicking the message, the same wedding invitation was automatically forwarded from his WhatsApp account to all his contacts. On May 6, he learned about the fraud, and after visiting the bank, he found that money had been transferred from his bank account to another account. Adugodi police have registered the case.Man cheated of over Rs 2LA 29-year-old man lost over Rs 2 lakh after clicking on a fake wedding invitation. Mahendra B received an APK file on WhatsApp from an unknown number on May 3. He clicked on the file. Soon, crooks gained access to his mobile phone and banking details. Rs 2,06,467 was siphoned off from his bank account through multiple transactions. South Cyber Crime police have registered the case.Man gets invitation from friend, loses Rs 1.5LR Lokesh, 47, from Vijayanagar, received a wedding invitation message with an APK file from his friend on May 3. Trusting the sender, Lokesh opened the file without suspecting foul play. The file was malware that got downloaded onto his mobile phone. On May 6, Lokesh was shocked to find that multiple unauthorised transactions had been carried out from his bank account, and he lost Rs 1,54,323 to the fraudsters. Govindarajanagar police have registered the case.
