Chandkheda man loses ₹39.7 lakh in pension verification cyber fraud after downloading fake APK file

A 70-year-old Chandkheda resident allegedly lost ₹39.7 lakh in a cyber fraud after fraudsters tricked him into downloading a malicious Android application disguised as a pension verification file.

Chirag Parasottamdas Sutaria (70), a resident of IOC Road in Chandkheda, received a phone call on the evening of June 18 from an unknown person claiming to be an official of the Central Bank of India.

The caller allegedly informed Sutaria that his pension card required verification and instructed him to download a file titled "Pension card verification.apk", which was sent through WhatsApp.

Police said the complainant, believing the caller to be a genuine bank representative, downloaded the application. Soon afterwards, he began receiving multiple One-Time Password (OTP) notifications and alerts indicating that money was being debited from his bank accounts despite not initiating any financial transaction.

Realising that he may have fallen victim to cyber fraud, Sutaria immediately contacted the Central Bank of India customer care helpline and requested that his overdraft fixed deposit (ODFD) accounts be blocked.

Subsequent verification of his account statements and the bank's mobile banking application allegedly revealed that cyber fraudsters had siphoned off ₹39.7 lakh from three separate ODFD accounts through multiple unauthorised transactions routed via Razorpay-linked accounts.

According to the complaint, the amount was transferred in five transactions:

₹9.90 lakh from one ODFD account

₹9.90 lakh from a second ODFD account

₹9.90 lakh from a third ODFD account

₹5 lakh in one additional transaction

₹5 lakh in another transaction

The total amount fraudulently transferred was ₹39.7 lakh.

The complainant subsequently reported the incident to the National Cyber Crime Helpline by dialling 1930 on June 19 and later approached the Cyber Crime Police Station to lodge a formal complaint.

According to investigators, the fraudsters allegedly gained unauthorised access to the victim's mobile phone after he installed the APK file. This reportedly enabled them to obtain banking credentials, passwords and OTPs, allowing them to transfer funds from his accounts without his knowledge.

Police have registered a case against unidentified accused under the relevant provisions of the law. Investigators are tracing the mobile number used in the fraud, the financial trail and the beneficiary bank accounts linked to the transactions.

Further investigation is underway to identify the perpetrators and recover the diverted funds.