Ajmer. In a disturbing case highlighting the rising sophistication of cybercrime, a 57-year-old man in Rajasthan’s Ajmer lost ₹3.66 lakh after a routine Google search for a doctor’s contact number turned into a cyber trap. The victim was targeted through a fake WhatsApp link that eventually led to his mobile being compromised and banking SMS alerts being diverted to fraudsters.
According to police, the victim, Mukesh Surana, a resident of Arihant Colony on Pushkar Road, searched online on April 18 for a doctor’s number at a private hospital in Khailand Market for his child’s treatment. He called a number found online, after which he received a callback from another mobile number that initiated the fraud.
Fake appointment link used as entry point
Investigators revealed that the caller posed as a hospital representative and sent a WhatsApp link, asking the victim to fill in details for appointment booking. Although the victim refused to make a ₹10 UPI payment, the damage had already begun when he clicked the malicious link.
Cyber experts said the link functioned as a malware gateway, granting unauthorized access to the victim’s phone and enabling attackers to infiltrate sensitive data stored on the device.
FCRF Academy Launches Premier Anti-Money Laundering Certification Program
SMS diversion enabled financial theft
A few days later, on April 22, the victim received an alert for a ₹99,999 withdrawal. Upon checking, he discovered that his banking SMS notifications had been diverted to three unknown mobile numbers.
Further verification with the bank revealed that a total of ₹3,66,199 had been withdrawn in five separate transactions. The entire operation was executed silently in the background without the victim’s knowledge.
Account blocked and cyber complaint filed
As soon as the fraud was detected, the victim contacted the bank to block his account and also registered a complaint on the national cyber helpline 1930. A formal FIR was subsequently lodged at the cyber police station.
Officials said immediate reporting helped prevent further unauthorized transactions, though the stolen amount had already been siphoned off through multiple channels.
Technical probe leads to cyber network suspicion
During the investigation, cyber police analyzed transaction trails and digital forensic data to trace the flow of money. Early findings suggest the involvement of a structured cybercrime mechanism using advanced social engineering tactics.
Authorities noted that such frauds often involve fake links, SIM manipulation, and SMS forwarding techniques to gain control over OTPs and banking alerts, making detection difficult.
Possibility of organized cybercrime syndicate
Investigators suspect the case may not be an isolated incident but part of a larger organized cyber network operating across multiple states. This network allegedly uses fake links to healthcare, banking, and other services to trap unsuspecting users.
The operation reportedly relies on a combination of phishing links, call centers, and malware-based access tools to extract financial and personal data from victims.
Cyber experts warn of advanced tactics
Cybersecurity experts have warned that such fraud is becoming increasingly advanced. Fraudsters are now using convincing WhatsApp messages, cloned websites, and fake booking systems to mislead users.
Experts explained that once a user clicks on a malicious link, attackers can gain access to phone permissions, SMS services, and even banking authentication data, allowing them to intercept OTPs and transaction alerts.
Police advisory for public safety
Cyber police have urged citizens to avoid clicking on unknown or unverified links, even if they appear to be related to hospitals or official services. Users are advised to verify all contact details through official websites or trusted sources before sharing any personal or financial information.
Authorities also stressed the importance of immediately reporting suspicious activity to prevent further losses.
Digital age risks on the rise
This incident once again highlights the growing risks in the digital age, where convenience often comes with hidden vulnerabilities. A simple Google search and a single click were enough to compromise an entire banking ecosystem.
Investigations are ongoing, and police are working to identify other members of the network and determine whether additional victims are involved.
