Amid the rising wave of cybercrime in India, a dangerous new fraud pattern has emerged from Mumbai, where scammers posing as gas company officials are emptying bank accounts within minutes. In just the past month, such cases have led to fraud worth nearly ₹1 crore. The alarming tactic involves threatening victims with gas disconnection and coercing them into downloading malicious APK files, which give fraudsters complete control over their mobile devices and banking access.
Investigations reveal that this is a highly organised cybercrime network operating with precision. Victims first receive SMS or WhatsApp messages claiming that their gas bill is overdue and their connection will be disconnected. This is followed by a phone call from someone posing as a company representative, offering an “urgent solution” and persuading the victim to download a mobile application.
FCRF Launches Premier CISO Certification Amid Rising Demand for Cybersecurity Leadership
In one recent case, Mitul Doshi, a 20-year-old businessman from Mulund West, fell victim to the scam. He received a message about an unpaid gas bill and paid ₹1,150. Shortly after, he got a call stating that the payment had not been updated. To “resolve” the issue, he was sent an APK file. Once downloaded, he was asked to enter his banking details. Within minutes, ₹11.82 lakh was transferred out of his account.
In another similar incident in Malad East, a 75-year-old retired man received a WhatsApp message featuring the logo of Mahanagar Gas Limited. He was asked to pay a nominal ₹10 “system update fee.” After downloading the APK file and entering his card details, fraudsters siphoned off ₹8.59 lakh within just 20 minutes.
A Repeatable Model of Panic, Trust, and Technical Theft
According to investigators, these are not isolated incidents but part of a structured and repeatable fraud model. The modus operandi remains consistent—create panic, build trust, and then deploy technical tools to execute the theft.
Cyber experts explain that APK files in such cases contain malware. Once installed, this malware allows fraudsters to access OTPs, banking apps, and sensitive personal data. This enables them to carry out transactions seamlessly, often without the victim realising until the money is completely drained.
Renowned cybercrime expert and former IPS officer Prof. Triveni Singh said, “Cyber criminals are increasingly using social engineering to create urgency and fear in the minds of victims. Threats like gas disconnection force people to act quickly without verification. APK-based malware has become one of their most effective tools.”
He further warned that no legitimate government or private company sends APK files for payments or verification. “No official will ever ask for OTPs or banking credentials over a phone call,” he emphasised.
Authorities have urged citizens to use only official websites or authorised mobile applications for bill payments. Clicking on unknown links or downloading suspicious files should be strictly avoided. Any such suspicious communication should be reported immediately.
If someone becomes a victim of such fraud, they are advised to call the National Cyber Helpline at 1930 without delay and inform their bank to freeze the account, preventing further loss.
These incidents in Mumbai highlight how cybercriminals are evolving beyond traditional scams and targeting essential daily services. In such a scenario, awareness and vigilance remain the strongest defence, as even a small mistake can lead to significant financial loss.
