Hyderabad: A retired pensioner from Hyderabad fell victim to a cyber fraud and lost ₹10 lakh after contacting a fake Punjab National Bank number he found on Google. The incident took place on November 4, 2025, when fraudsters posing as bank representatives lured the victim into installing a malicious APK file on his phone for supposed “account verification.”
Once installed, the app granted the scammers remote access to the victim’s device, enabling them to capture sensitive banking details, read OTPs, and carry out unauthorized transactions. Within minutes, ₹10 lakh was transferred from the pensioner’s account to fraudulent channels.
Also Read: Hyderabad Police Commissioner V.C. Sajjanar Reviews City Armed Reserve Operations
The victim immediately approached the Hyderabad Cyber Crime Police for assistance. Constable N. Srikanth Naik promptly registered the complaint on the National Cyber Crime Reporting Portal (NCRP) and initiated tracing of the fraudulent transactions. Investigators tracked the money trail through Razorpay to Slice Small Finance Bank Ltd. Owing to the constable’s quick response, ₹5 lakh of the stolen amount was successfully blocked and recovered.
Police found that the APK application had dangerous permissions, including access to SMS and OTPs, allowing fraudsters not only to control the victim’s net banking account but also to attempt taking over his WhatsApp profile for further scams.
Authorities have since issued a public advisory, warning citizens against downloading APK files shared through WhatsApp, SMS, or social media platforms. Cybercrime officials have identified fake apps circulating under names such as “RTO CHALLAN,” “RTA CHALLAN 140.apk,” “Customercare.apk,” and “Bank.apk.”
Citizens are urged to download applications only from official app stores, verify bank contact details through legitimate websites, and refrain from sharing confidential information like OTPs or CVVs with anyone. Police also recommend deleting saved card details from e-commerce platforms after each transaction to avoid data misuse.