An Ahmedabad accountant lost ₹10.7 lakh after installing a fake e-challan APK sent from a hacked contact. Fraudsters used malware to access banking apps, take instant loans, and execute multiple unauthorized transactions within hours.

Fake E-Challan, Real Loss: Scam Tactics Get Smarter

The420 Correspondent

Ahmedabad: In yet another alarming case of evolving cybercrime tactics, a company accountant in Ahmedabad lost ₹10.7 lakh after fraudsters used a fake e-challan mobile application to gain access to his phone and banking credentials. The incident, reported from the Vatva GIDC area, highlights how cybercriminals are increasingly exploiting trust-based communication channels to execute high-value frauds.

According to the complaint, the victim, Vipul Patel, received a WhatsApp message on February 19 from the mobile number of his factory owner. The message contained a file labeled as an “RTO memo” and asked him to review it. Since the message came from a known and trusted contact, Patel did not suspect foul play and proceeded to download the file.

Investigators later revealed that the file was actually a malicious APK application. After installing it, Patel was prompted to enter personal details such as his name, mobile number, and other identifiers. Although he deleted the application shortly after, the damage had already been done. The malware had silently compromised his device, giving attackers remote access.

The next day, Patel began receiving multiple debit alerts from his bank accounts. Initially confused, he approached the bank on February 21, where a detailed examination exposed the scale of the fraud. Cybercriminals had executed a series of unauthorized financial transactions, including taking instant and pre-approved loans through his banking app.

Bank records showed that ₹4.50 lakh was taken as an instant loan, while another ₹5.31 lakh was secured through a jumbo loan facility. In addition, multiple withdrawals were made from his joint account, including ₹5 lakh, ₹2.60 lakh, ₹2.50 lakh, and ₹60,000. The total financial loss amounted to ₹10.7 lakh, leaving the victim in shock.

Preliminary investigation indicates that the attackers first hacked the factory owner’s mobile phone and used it to send the malicious file to the accountant. By leveraging a trusted contact, the fraudsters eliminated suspicion and increased the chances of the victim installing the malware. This method, often referred to as a “trust-chain attack,” is becoming increasingly common in cybercrime cases.

Cybercrime officials have registered a case and initiated a detailed probe into the incident. They believe the attackers used advanced mobile malware capable of accessing sensitive data, including banking applications, SMS alerts, and authentication credentials such as OTPs. Once access was secured, the fraudsters executed transactions and loans seamlessly, often without immediate detection.

Cybersecurity experts warn that APK-based scams are among the fastest-growing threats in India’s digital ecosystem. Because such files are installed directly rather than through an official app store, they bypass the store’s security checks and can provide attackers with full control over a user’s device. Once installed, such malware can monitor user activity, capture keystrokes, and even override security layers in financial apps.

Renowned cybercrime expert and former IPS officer Prof. Triveni Singh noted, “Cybercriminals are increasingly using trust-based attack strategies, where they first compromise a known contact and then target others through that channel. Malicious APK files and fake utility apps are currently among the most dangerous tools being used in such frauds.”

Authorities have urged citizens to exercise extreme caution while downloading application files received via messaging platforms like WhatsApp. Users are advised to verify any such request independently, even if it appears to come from a known contact. Installing apps only from official platforms and avoiding unknown links can significantly reduce the risk.

This incident serves as a stark reminder that in today’s digital landscape, even a momentary lapse in judgment can lead to substantial financial losses. As cybercriminals continue to refine their methods, awareness and vigilance remain the most effective defenses against such sophisticated frauds.
