Don’t download ‘.APK’ file extension, you may fall prey to new online scam

Have you ever received a WhatsApp message or SMS from an unknown number asking you to download and install an Android application file (.APK)? Warning! It could be part of a scam. 

The Gujarat Cyber Crime Branch has issued an alert to the public about a new method of fraud being used by the notorious Jamtara gang from Jharkhand. Authorities advise that simply not downloading any file ending with '.APK' can help prevent falling victim to such scams.

Online fraudsters constantly come up with new methods to deceive people. The Jamtara gang has now started hacking into mobile phones and gaining control over mobile banking apps to siphon off money. Gujarat Cyber Crime Branch has warned people to stay alert.

Deputy Superintendent of Police B M Tank of the Gujarat Cyber Crime Branch said, “The cybercriminals send Android applications or update files via WhatsApp or SMS. The message tricks users into installing the file. Once the file is clicked and the app is opened, your phone gets hacked. The hackers gain complete access to the device and use it to carry out financial transactions. Since your phone is compromised, all banking-related SMS and messages are accessed by these cybercriminals.”

Apart from Android updates, the gang also sends files disguised as wedding invitations or other seemingly harmless content. If you open such files, your net banking password may be changed without your knowledge. 

Moreover, victims often do not even realise they’ve been duped, and since transactions happen from their own hacked number, they may not be able to file a proper complaint on the National Cyber Crime Reporting Portal.

This new wave of cyber fraud has affected people across the country. The Jamtara gang has reportedly targeted 629 people in Odisha and 412 in Haryana using this method. In the first six months of this year alone, six cybercriminals from the gang were arrested, and a ₹100 crore fraud was uncovered. In response, police forces across India have been working together and advising citizens to remain alert.

Precautionary steps to avoid getting duped

• Immediately disconnect internet access on the affected mobile phone and remove the SIM card.
• Insert the SIM card into a secure phone.
• Use a new device to change your net banking and other important passwords right away.
• Once access is restored, check your transaction history and note down all relevant details.
• Call the Cyber Helpline at 1930 and report the incident with complete information. Inform your bank immediately and take steps to freeze or secure your account.