Cyber fraudsters are allegedly targeting Mahanagar Gas Limited (MGL) customers through fake gas bill alerts, malicious APK files, and call forwarding tricks designed to steal banking details and empty victims’ accounts. Authorities and cybersecurity experts have warned that the scam is rapidly spreading across Maharashtra and Karnataka, with fraudsters exploiting fear of gas disconnection to pressure users into taking immediate action.
Fraudsters Posing as Mahanagar Gas Officials
According to reports, victims receive SMS messages or WhatsApp calls claiming that their gas connection will be disconnected due to pending bills unless immediate payment is made. The fraudsters allegedly pose as MGL customer care representatives and create panic to force users into responding quickly.
Victims are then reportedly sent links to download APK files disguised as official Mahanagar Gas applications. Cybersecurity experts warned that these APK files are malicious Android installation packages capable of granting remote access to a user’s mobile device.
FCRF’s Flagship Cyber Law Certification Returns With a New Four-Week Cohort
APK Files and Call Forwarding Used to Steal OTPs
Investigators said that once installed, the fake APK files may allow fraudsters to access banking apps, passwords, OTPs, and sensitive personal information stored on the device. In several cases, scammers also allegedly tricked users into dialling specific codes under the pretext of customer verification or gas bill activation.
Cyber experts warned that these codes can activate call and SMS forwarding services, enabling fraudsters to intercept OTPs and banking alerts without the victim realizing it. Officials stated that the combination of remote device access and OTP interception allows cybercriminals to carry out unauthorized banking transactions rapidly.
Multiple Victims Report Heavy Financial Losses
Reports indicated that more than 100 people were allegedly targeted within a span of 30 days, with losses reportedly crossing ₹2.7 crore in Mumbai alone. Victims included senior citizens, teachers, businessmen, and domestic workers from Maharashtra and Karnataka.
In one reported case, a 60-year-old resident from Thane allegedly lost over ₹3.1 lakh after installing a malicious APK file sent by scammers pretending to be Mahanagar Gas officials. Police said unauthorized withdrawals were made from the victim’s account shortly after the app installation.
Authorities Warn Users Against APK Downloads
Cybercrime officials and experts have advised users never to install APK files received through SMS, WhatsApp, or unknown links. Authorities emphasized that genuine Mahanagar Gas services do not require customers to download unofficial applications for bill payments or verification purposes.
Users have also been advised to avoid sharing banking details, OTPs, or personal information over calls and messages. Officials urged citizens to immediately report suspicious communications through official cybercrime reporting channels and verify all payment-related requests through authentic customer service platforms.
