Chandigarh: Cyber fraudsters posing as officials from the Public Health Engineering (PHE) department of Jammu & Kashmir duped a Territorial Army Deputy Commander of ₹8.83 lakh by threatening to disconnect his water supply and tricking him into installing a malicious APK file on his phone. The fraud was executed through a WhatsApp call and a fake payment link that enabled the accused to access his banking credentials.
Threat Over WhatsApp Triggers Fraud
In his complaint, the Army officer stated that he is posted at the Territorial Army Group Headquarters, Western Command, Sector-8. On February 5 at around 7:55 pm, he received a WhatsApp call from an unknown number. The caller claimed that his water bill was overdue and warned that the connection would be cut immediately if payment was not made.
Malicious APK Installation
The caller then sent a link on WhatsApp and asked him to download an APK file to make the payment. After installing the file, the victim was asked to enter his consumer number and later his debit card details. When a card payment appeared to fail, the caller instructed him to complete the transaction through net banking.
Certified Cyber Crime Investigator Course Launched by Centre for Police Technology
Fixed Deposit Liquidated, Funds Siphoned
Shortly thereafter, the officer received a message that his fixed deposit worth ₹13.72 lakh had been prematurely closed and the amount transferred to his savings account. Within minutes, multiple transactions were carried out and ₹8.83 lakh was withdrawn. Realising the unauthorised activity, he immediately alerted the bank and lodged a police complaint.
Police Investigation Underway
The Sector-17 Cyber Crime Police Station has registered a case and initiated an investigation. Police are analysing the mobile number used in the call, bank transaction trails, IP logs and the digital footprint of the APK file. The beneficiary accounts that received the siphoned funds have been identified, and efforts are underway to trace the accused through the money trail.
Cybersecurity experts said APK-based frauds typically involve installing malware that enables remote access or screen mirroring on the victim’s device, allowing fraudsters to capture OTPs, passwords and banking app data. In several cases, they also liquidate fixed deposits or other investments and move the funds to savings accounts before transferring them out.
Growing Trend of Fear-Based Cyber Fraud
Police have advised the public not to download APK files or click on payment links sent by unknown callers claiming to represent government departments. Utility bills should be paid only through official websites or authorised mobile applications. Citizens have also been warned never to share OTPs, debit card details or net banking credentials over calls or messaging platforms.
The case highlights a growing trend in which cybercriminals use fear tactics—such as threats of disconnection of essential services—to pressure victims into making immediate payments. Investigators said the full extent of the network and the final destination of the siphoned funds will be known once the digital and financial analysis is complete.
