A textile businessman from Surat has become the latest victim of a sophisticated cyber fraud, losing a staggering sum of Rs 29 lakh. The elaborate scam, which involved a malicious APK file disguised as a necessary tool for GST compliance, has prompted the trader to file a formal complaint with the Surat cybercrime police unit.
The Deceptive Search and the Malicious File
The incident began on December 16 when the complainant, Ishwar Krishnani's uncle Vishnu, needed to arrange transportation for material to Diu. He searched online and found the contact details for a company named Bhumi Transport. To generate the mandatory e-way bill for the shipment, Vishnu requested the transporter's GST number from the person he contacted.
Instead of providing the number directly, the fraudster on the call sent an APK (Android Package Kit) file. The caller convincingly claimed that opening this file was essential to access and save the required GST details. This tactic preys on the urgency and legitimate need for GST documentation that many Indian businesses regularly handle.
The Unauthorized Transactions and Financial Loss
The situation raised immediate suspicion when the caller, after sending the APK, started asking for additional sensitive information, including net banking details. Alerted by this overreach, Vishnu wisely terminated the call. However, the damage was already set in motion.
The real shock came on December 20. A cheque issued by Krishnani's firm was unexpectedly returned. Upon urgently checking his bank account statements, Krishnani discovered the devastating truth: an unknown person had siphoned off Rs 29 lakh from his account. The money was taken in a series of 12 separate transactions, indicating a systematic drain of funds.
Police Complaint and Rising Cyber Threats
Following the discovery of the massive financial breach, Ishwar Krishnani immediately approached the specialized Surat cybercrime police to lodge a formal complaint. The case highlights a dangerous trend where cybercriminals are exploiting official business requirements like GST compliance to trick victims into installing harmful software.
APK files, which are used to install applications on Android devices, can be manipulated by hackers to contain malware. Once installed, such malware can grant scammers remote access to a device, allowing them to steal login credentials, banking information, and bypass security measures like OTPs.
This case serves as a critical warning for businesses and individuals alike:
- Never download or install APK files from unknown or unverified sources.
- Official GST processes do not require the installation of separate APK files to obtain or verify a GST number.
- Be extremely cautious of unsolicited calls or messages requesting sensitive financial information, even if the caller seems knowledgeable about your business needs.
- Always verify the identity of a service provider through independent, official channels.
The Surat cybercrime police are now investigating the matter to track down the perpetrators behind this costly fraud.
