In a fresh case highlighting the dangers of malicious mobile applications, an elderly woman in Maharashtra was duped of nearly ₹25 lakh after cyber fraudsters gained access to her smartphone through a fraudulent APK file.
According to police reports, the scam began when the victim received a suspicious file on her phone, which she unknowingly downloaded and installed. The file, disguised as a legitimate application, was in APK format—commonly used to install apps outside official app stores.
Malicious APK Enabled Full Device Access
Once installed, the APK file allegedly allowed the fraudsters to gain unauthorised access to the woman’s phone, including sensitive financial information. Such malware can enable attackers to:
- Monitor SMS and OTPs
- Access banking apps
- Control device functions remotely
Cyber experts warn that APK-based scams are increasingly being used to bypass standard security protections and infiltrate devices.
FCRF Launches Premier CISO Certification Amid Rising Demand for Cybersecurity Leadership
Funds Siphoned Through Multiple Transactions
After compromising the device, the fraudsters reportedly carried out multiple unauthorised transactions, ultimately siphoning off around ₹25 lakh from the victim’s bank accounts.
The victim only realised the fraud after noticing suspicious withdrawals, following which a complaint was lodged with the cybercrime police. Authorities have initiated an investigation to trace the accused and the money trail.
Rising Trend Of APK-Based Cyber Fraud
This case is part of a growing pattern where cybercriminals circulate malicious APK files disguised as:
- Government notices (RTO challans, KYC updates)
- Bank alerts or customer service apps
- Event invites or documents
Once installed, these apps can silently harvest banking credentials and facilitate fraud without the user’s knowledge.
Police Advisory: Avoid Installing Unknown Files
Cybercrime authorities have reiterated that users should:
- Avoid downloading APK files from WhatsApp or unknown sources
- Install apps only from official stores like Google Play
- Never grant unnecessary permissions to unknown apps
- Immediately report suspicious activity via helpline 1930
Experts stress that even a single click on an unverified file can compromise an entire device and lead to significant financial loss.
Growing Threat To Elderly Users
Officials note that elderly individuals are increasingly being targeted due to limited familiarity with evolving cyber threats. Fraudsters exploit trust and lack of technical awareness to execute high-value scams.
The investigation remains ongoing, with police working to identify the perpetrators and recover the stolen funds.
About the author – Rehan Khan is a law student and legal journalist with a keen interest in cybercrime, digital fraud, and emerging technology laws. He writes on the intersection of law, cybersecurity, and online safety, focusing on developments that impact individuals and institutions in India.
