A government officer in Haryana’s Rewari district has fallen victim to a sophisticated cyber fraud, losing more than ₹4 lakh after searching for an air conditioner (AC) service provider on Google. Cybercriminals allegedly sent a malicious APK file through WhatsApp, which, once installed, enabled them to siphon ₹4.03 lakh from the victim’s bank account. A case has been registered, and the Cyber Crime Police have launched an investigation.
According to the complaint, Kamal Singh, a resident of Bawal, searched Google on June 15 for an AC servicing provider. Shortly afterwards, he received an APK file on WhatsApp. He was then contacted through a WhatsApp call, during which the caller guided him through the process of opening the file and entering the requested details, claiming it was necessary to initiate the AC service request.
Registration Begins for FutureCrime Summit 2026, India’s Largest Cybercrime Conference
Believing the communication to be genuine, the victim installed the APK file and submitted the requested information. Three days later, on June 18, he received seven bank transaction alerts on his mobile phone. Investigators found that ₹49,999, ₹50,000, ₹70,000, ₹95,000, ₹10,298, ₹71,631 and ₹56,824 had been debited from his account in separate transactions, resulting in a total loss of ₹4,03,752.
After discovering the fraud, the victim immediately reported the incident to the National Cyber Crime Helpline (1930) and later filed a formal complaint with the Cyber Crime Police Station. Investigators have registered an FIR and begun examining banking records, mobile data and digital transaction logs to trace the flow of funds, identify beneficiary accounts and uncover other individuals linked to the cyber fraud network.
Preliminary findings suggest that the APK file may have been a malicious application designed to gain unauthorised access to the victim’s mobile device and compromise sensitive banking information. Investigators are also examining whether remote access tools, screen mirroring techniques or other malware-based methods were used to execute the fraudulent transactions.
Renowned cybercrime expert and former IPS officer Prof. Triveni Singh said cybercriminals increasingly exploit fake customer service numbers, fraudulent websites and malicious APK files to compromise users’ smartphones. He advised people never to install APK files received from unknown sources and to download applications only from official app stores. He added that forensic analysis of mobile devices, banking records, digital logs and communication trails is essential to dismantle the entire cybercrime network behind such offences.
Cyber police have urged the public to independently verify customer service numbers found through online searches, avoid downloading APK files from unverified sources and immediately report suspicious digital activity through the National Cyber Crime Helpline (1930) or the official cybercrime reporting portal. The investigation is ongoing, and further legal action will be taken based on the evidence collected.
