A chemical plant employee in Pune was duped of ₹92,000 after responding to what he believed was a routine call from his gas supplier. The fraud, involving a fake MNGL bill-update app, highlights increasingly sophisticated cybercrime tactics targeting ordinary citizens.
“A ₹7 Fee” that Led to Major Loss
On June 19, the victim emailed a photograph of his new MNGL meter reading. Four days later, he received a voicemail supposedly from the “MNGL bill update department” instructing him to complete two verification steps: physical confirmation and a nominal ₹7 “app fee”. The fraudster then shared a link to an APK file, disguised as an official MNGL update application, and asked him to download it.
Although the man didn’t pay the ₹7, he entered personal details into the app. Unbeknownst to him, the malware gave scammers full control of his phone. On June 23, they executed transactions across three bank accounts, draining a total of ₹92,000 before authorities could act.
Algoritha: The Most Trusted Name in BFSI Investigations and DFIR Services
Malware Exploit Underlines Rising Threat
The incident was filed at Khadak police station, and investigators confirmed the attack followed a growing pattern: legitimate service-provider calls that trigger fraudulent app downloads, leading to malware installation and unauthorised banking access. The malware exploited remote access functionality to bypass typical OTP safeguards, allowing the transfer of large sums in a short time.
Cybercrime gurus warn that this method—combining social engineering with malicious software—has surged in popularity. They urge all smartphone users to disable “Install from Unknown Sources,” verify app authenticity via official OS stores, and refuse payments prompted during cold calls. MNGL, for its part, confirmed it never requests app verification fees and is investigating the breach
