New Delhi: Amid growing discussions around the 8th Pay Commission, a large cyber fraud campaign targeting government employees and pensioners has come to light. The Future Crime Research Foundation (FCRF) has issued a serious warning about a fake “8th CPC Salary Calculator” APK being circulated on WhatsApp. According to the organisation, the malware grants hackers complete control of the victim’s mobile phone, leading to theft of banking and personal data.
How the ‘Salary Calculator’ scam works
FCRF cyber analysts said fraudsters send WhatsApp messages claiming employees can instantly check their revised salary or pension under the 8th Pay Commission. The message carries an APK file named to resemble an official tool to build trust.
Once installed, the app requests sensitive permissions and then:
- Gains full access to phone data
- Steals banking app credentials and passwords
- Reads SMS and captures OTPs
- Enables remote access for unauthorised transactions
FCRF noted that several victims have reported money being siphoned off from their bank accounts after installing the application.
Certified Cyber Crime Investigator Course Launched by Centre for Police Technology
Rising threat of APK-based malware
According to FCRF, such attacks often deploy banking trojans that remain hidden in the device while continuously harvesting data in the background. The malware can use screen recording, keystroke logging and app-overlay techniques to capture banking sessions and authentication details.
Policy updates used as ‘emotional triggers’
FCRF said cybercriminals exploit major government policy events—such as pay commissions, tax changes and subsidy schemes—to create urgency and curiosity. By using official-sounding names, logos and technical language, they push users to download malicious apps without verification.
Do’s and Don’ts for users
FCRF has advised government employees and citizens to:
- Never download APK files received via WhatsApp or SMS
- Install apps only from official websites or trusted app stores
- Never share OTPs, banking details or passwords
- Immediately uninstall suspicious apps and run a security scan
- Report financial fraud to the cybercrime helpline 1930 and the national cybercrime portal
Government staff becoming high-value targets
FCRF highlighted that government employees and pensioners are increasingly being treated as high-value targets because their data is structured and financially sensitive. The rapid growth of mobile banking and digital payments has further increased their vulnerability.
Focus on awareness and monitoring
The foundation has recommended regular cyber-awareness training for government staff, mandatory official advisories and safer digital practices. It also stressed the need for technical tracking of malicious APK distribution networks and phishing infrastructure.
The case underscores that any link or app promising salary or pension benefits should be verified through official sources before downloading. Vigilance, verification and secure app installation remain the most effective safeguards against such cyber fraud.
