New Delhi: The Future Crime Research Foundation (FCRF) has issued a high-alert advisory regarding a fake APK campaign being circulated in the name of the 8th Pay Commission, describing it as a targeted mobile spyware attack. The foundation warned that files being shared via WhatsApp, Telegram, SMS and email under labels such as “Pay Commission Calculator” or “New Salary Update” are malicious software that can compromise device security and access sensitive financial data once installed.
According to FCRF, the campaign relies on social engineering tactics to lure government employees and pensioners into downloading fraudulent applications by exploiting curiosity and expectations of salary revisions. Activating the “Allow unknown sources” option disables the device’s default security layer, granting the spyware extensive system permissions.
Certified Cyber Crime Investigator Course Launched by Centre for Police Technology
Strict advisory against unknown APK files
FCRF has clearly instructed users not to download or install APK files received from unverified sources. Applications should only be downloaded from official app stores, and users should avoid all third-party links. The advisory emphasises that enabling “Install unknown apps” or similar settings creates a direct entry point for mobile malware.
Steps if a file has been downloaded
If an APK file has already been downloaded, users are advised to delete it immediately without installing it. They should also check the downloads folder and file manager to ensure no suspicious files remain. Running an anti-malware scan and reviewing app permissions has also been recommended.
Immediate actions if the app is installed
FCRF has issued a step-by-step mitigation protocol. Users should immediately disconnect the phone from the internet and Wi-Fi, uninstall the suspicious app in safe mode, and change all banking, email and social media passwords. Resetting UPI PINs and net banking credentials, informing the bank about potential fraud, and reporting the incident on the cyber helpline 1930 are strongly advised.
In high-risk cases, users may consider backing up essential data and performing a factory reset.
Permission audit and data protection
The foundation has urged users to regularly review app permissions and remove applications that have unnecessary access to SMS, accessibility features, notifications or screen recording. It also advised against storing banking passwords, card details or sensitive documents on mobile devices, limiting autofill features, and enabling screen lock, biometrics and app-lock protections.
Rely only on official sources
FCRF clarified that any official update related to the Pay Commission is released only through government portals. No salary calculator or pay-revision tool is distributed through messaging platforms or third-party applications.
Institutional recommendations
The foundation has recommended that government departments issue internal cyber advisories, mandate mobile digital hygiene training for employees, and implement secure-device policies for handling sensitive work.
Awareness is the strongest defence
FCRF noted that such attacks exploit user psychology more than technical vulnerabilities. Messages promising “instant benefits” or “higher salary calculations” are designed to trigger impulsive actions that weaken device security.
Overall, FCRF has stressed that vigilance, reliance on official sources and prompt reporting of suspicious digital activity remain the most effective safeguards against mobile malware campaigns.
About the author — Suvedita Nath is a science student with a growing interest in cybercrime and digital safety. She writes on online activity, cyber threats, and technology-driven risks. Her work focuses on clarity, accuracy, and public awareness.
