Hyderabad – In a shocking case of cybercrime, a 59-year-old government employee from Hyderabad lost ₹3.92 lakh after falling victim to a sophisticated scam involving a fake APK file. The fraudster, posing as a bank relationship manager, convinced the victim to download a malicious app file — leading to an instant siphoning of funds from the victim’s bank account.
Cybercrime officials have issued a strong warning to the public, stressing that no legitimate bank ever sends APK files or third-party app links for KYC updates or account verification. The incident highlights a growing threat where cybercriminals use tech-savvy methods to exploit unsuspecting users.
According to reports from Telangana Today, the victim received a call from a person who identified himself as a relationship manager from a private sector bank. The caller informed the victim that there was a discrepancy in his address, which needed immediate correction. To do so, he insisted the victim download an app sent via a messaging platform — in the form of an APK file.
Once the victim installed the app, his phone’s control was compromised. Within minutes, unauthorized transactions began, and ₹3.92 lakh vanished from his bank account. By the time the victim realized the fraud, the damage was done.
An APK (Android Package Kit) is the file format used for distributing and installing applications on Android devices. While it's a standard format, cybercriminals are increasingly using fake APKs embedded with malware to gain control of a victim’s phone.
Once installed, these apps can:
Read your SMS (including OTPs),
Log keystrokes,
Access personal and financial data, and
Perform unauthorized bank transactions.
The Cyber Crime Department has urged citizens to exercise caution and never download or install APK files received via unsolicited calls, emails, or messages — especially those claiming to be from banks.
Their key warning:
Banks do not send APKs or links for KYC updates or verification. If anyone requests such action, it’s a scam.
To avoid becoming a victim of such cyber frauds, follow these crucial safety tips:
Only install apps from trusted platforms like Google Play Store or Apple App Store. Never install APKs sent via WhatsApp, SMS, or email.
Do not click on links or files sent by unknown senders, even if they claim to be from a trusted organization like a bank.
Make sure your phone’s setting for installing apps from unknown sources is turned off.
Banks will never ask for sensitive information like OTPs, passwords, or ask you to install third-party apps.
Install a trusted mobile security or antivirus application that can detect malicious activity or apps on your device.
If you’ve mistakenly installed a suspicious file or lost money, report the incident without delay:
Visit cybercrime.gov.in
Call the 24x7 helpline: 1930
As cyber frauds evolve with newer and more convincing tactics, public awareness is the first line of defense. If you're ever in doubt about a file, link, or caller claiming to represent a bank, pause and verify before taking any action. One wrong tap could cost you lakhs — but one informed decision could save it.
