LUCKNOW: Think twice before clicking on a wedding invitation link received on WhatsApp from an unknown number as it could cost you your entire bank balance. Cyber criminals are using a new tactic involving Android Application Package (APK) files disguised as wedding cards to hack into users' phones and steal sensitive data.
Tired of too many ads?
In a recent case reported by Cyber Crime Cell in Lucknow, Ratnesh, resident of Jankipuram, fell victim to the scam. He received a wedding card link via WhatsApp from an unfamiliar number. Unaware of the peril, Ratnesh clicked on the link and moments later, received an alert of Rs 40,000 being debited from his bank account. It was only after the money was gone that he realised he had been duped.
Two other similar cases were reported in the city, but the victims have not lodged FIR yet. According to in charge of the Cyber Crime Police Station, Brajesh Kumar Yadav, the APK file sent through wedding card link is actually a spyware application designed to operate on Android devices. "Once installed, it allows fraudsters to access everything — from bank details and OTPs to personal files and contacts," said Yadav.
He added, "Spyware hijacks the phone's functions, including camera, microphone, GPS and messaging system. It can remotely extract information without the user's knowledge, leaving him with a functional phone silently under the control of cyber criminals. The scam also gives fraudsters access to photos and contact lists."