Varanasi | A cyber fraud case involving the theft of ₹6.31 lakh through compromised credit cards has been reported from the Shivpur area of Varanasi, where fraudsters allegedly hacked a victim’s smartphone after convincing him to install malicious APK files. The complaint has been registered on the National Cyber Crime Reporting Portal (NCRP), and police have initiated an investigation into the incident.
According to the complaint, Vinay Kumar Jha, a resident of Bhawanipur in Shivpur, received a WhatsApp message from an unknown number on June 24. The sender allegedly displayed a fake bank logo on the WhatsApp profile, creating the impression that the message had been sent by an authorised bank representative.
FCRF’s Flagship Cyber Law Certification Returns With a New Four-Week Cohort
Police said the fraudster allegedly persuaded the victim to install APK files on his Android phone under the pretext of providing services related to RBL Bank and IDFC Bank credit cards. Believing the communication to be genuine, the victim installed the applications as instructed.
Investigators believe that the APK files contained malicious software which enabled the fraudsters to gain unauthorised access to the victim’s smartphone. Once the device was compromised, the accused allegedly accessed the victim’s credit card information and carried out four unauthorised transactions.
According to the complaint, a total of ₹6.31 lakh was withdrawn through the four transactions before the victim realised that he had been defrauded. The matter was subsequently reported to the authorities, and the complaint has been uploaded on the National Cyber Crime Reporting Portal for further investigation.
Police are examining the digital trail, transaction records, mobile device data and other electronic evidence to identify those responsible for the fraud. Investigators are also attempting to determine whether the incident is linked to a wider cybercrime network using malicious APK files to compromise Android devices.
Cyber security experts have repeatedly warned that fraudsters often impersonate banks or financial institutions on messaging platforms and persuade victims to install APK files instead of directing them to official app stores. Such files can contain malware capable of stealing banking credentials, intercepting one-time passwords, recording keystrokes and providing remote access to a victim’s device.
Authorities have advised the public never to install APK files received through WhatsApp, SMS or email and to download banking applications only from authorised app stores. Victims of suspected cyber fraud are urged to report the incident immediately through the National Cyber Crime Reporting Portal and inform their respective banks to minimise financial losses.
