Ahmedabad | A new and sophisticated case of cyber fraud has emerged in Gujarat’s Ahmedabad, where ₹99,001 was allegedly siphoned from a 41-year-old private employee’s bank account using a fake mobile system update notification. The incident has been reported from the Sarkhej area, where police have registered a cyber fraud case and initiated an investigation. Preliminary findings suggest that the fraud was executed by exploiting the victim’s accidental permission to a malicious prompt disguised as a routine software update.
The victim, Maheshbhai Rathore, a resident of Fatehwadi on Dholka Road and an employee in the dispatch department of a private company in Moraiya, stated in his complaint that the incident occurred on March 28, 2026. While at work, he received a pop-up notification on his mobile phone prompting him to update his system software. Believing it to be a genuine update request, he clicked on it and allowed the process to proceed before placing his phone back in his pocket and continuing his work.
FCRF’s Flagship Cyber Law Certification Returns With a New Four-Week Cohort
Later in the evening, when he attempted to carry out an online transaction, the payment failed due to insufficient funds. Initially assuming a technical issue, he checked his SMS alerts linked to his bank account and discovered that ₹99,001 had been debited without his knowledge from his HDFC Bank account through multiple unauthorized transactions. Shocked by the discovery, he immediately contacted the National Cyber Crime Helpline (1930) and filed a complaint.
According to the complaint, the victim also approached his bank, where he was informed that the diverted amount had been transferred to an RBL Bank account. He subsequently lodged a formal complaint with the Sarkhej Police, following which an FIR for cyber fraud was registered. Authorities have now begun tracing the complete digital transaction chain to identify the beneficiaries.
Investigators suspect that the fraud may be part of a larger organized cybercrime network that uses fake system updates, malicious links, or fraudulent app notifications to gain unauthorized access to mobile devices. Once the user interacts with such prompts, malware or phishing tools may be installed, potentially allowing criminals to access sensitive banking data and execute transactions remotely.
Police are currently examining the recipient bank account where the stolen funds were transferred. In parallel, cyber forensic teams are analyzing the origin of the fake update notification, including possible IP addresses, server routes, and digital footprints. Experts are also assisting in determining whether the incident involved malware installation, phishing software, or a compromised application.
Cybersecurity experts note that such cases are increasingly common and often rely on human error rather than technical breaches. Fraudsters exploit user trust by creating realistic-looking system alerts that mimic genuine software updates. Once access is granted, attackers can bypass security layers and initiate unauthorized financial transactions.
Authorities have advised users to avoid clicking on unknown update prompts or links and to rely only on official app stores or device settings for software updates. They further emphasized the importance of enabling multi-factor authentication and regularly monitoring banking alerts to detect suspicious activity early.
The investigation remains in its early stages, with police continuing to analyze financial records, mobile data, and transaction logs. Officials stated that efforts are underway to identify and trace the individuals behind the fraud network, and further developments are expected as digital evidence is examined.
