TGCSB issues advisory over malicious APK files disguised as RTO traffic challan alerts
According to the TGCSB, Cyber Security discovered that cybercriminals are actively targeting WhatsApp users.
In its advisory TGCSB stated, Fraudsters are sending deceptive messages through groups with official-sounding names like 'TS Traffic Police Updates' or 'RTO Alerts Hyderabad', primarily during evening hours. These messages contain a link to download a file named 'RTO Traffic Challan.apk,' which unsuspecting victims are tricked into installing.
As per the TGCSB after installation, the malicious APK file gives fraudsters full access to the victim's device. This includes sensitive banking info, credit card details, and SMS messages with important One Time Password (OTPs).
The TGCSB added that victims often find unauthorized transactions on their accounts. These usually happen with online shopping platforms. The malware lets attackers control the infected device remotely. The TGCSB stressed that these attacks are very dangerous. They take advantage of the public's trust in what looks like official communication.
Telangana Cyber Security Bureau advises citizens never click on links or download APKs from unknown or unofficial sources. Do not trust WhatsApp group names, attackers often name them to appear official.
Install apps only from Google play store or Apple app store. Enable OTP alerts and immediately block your card if you suspect any fraud. Report incidents immediately in 1930 or via www.cybercrime.gov.in.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Hans India
13 minutes ago
- Hans India
Man loses Rs 1.72 lakh in fake RTA challan app scam
Hyderabad: A 34-year-old man in Hyderabad has fallen victim to a cyber fraud, losing Rs 1.72 lakh after downloading a deceptive mobile application disguised as an official transport department app. According to the Telangana Cyber Security Bureau (TGCSB), the incident unfolded on 16 July when the victim received a WhatsApp message containing an APK file named 'RTA Believing it to be a genuine application for checking traffic challans, he proceeded to download and install the file, unknowingly compromising his personal data. Two days later, on 18 July, the victim started receiving alerts of unauthorised debits from his HDFC bank account. He attempted to halt the transactions but soon realised his mobile phone had been remotely accessed. Furthermore, all incoming calls to his number had been secretly forwarded to an unknown number. Although he managed to disable the call forwarding and regain control of his device, a total of Rs 1,72,625 had already been withdrawn from his account. The incident was promptly reported to the Cyber Crime Helpline (1930). The Cyber Security Bureau has since issued a stern warning, urging citizens to exercise extreme caution regarding fake government-related APK files, particularly those disseminated via WhatsApp or SMS. Telangana Cyber Security Bureau explicitly advises citizens against installing APK files received through WhatsApp, SMS, or any unfamiliar sources. They strongly recommend downloading applications exclusively from trusted platforms such as the Google Play Store or Apple App Store. Additionally, the bureau advises individuals never to enter personal or banking details into unknown applications, to regularly check phone settings for unauthorised call forwarding, and to enable two-factor authentication for all banking and UPI applications. If a phone exhibits unusual behaviour or suspicious transactions are noticed, users should immediately switch off mobile data and contact their bank. Victims of cyber fraud are advised to meticulously preserve all relevant communication and transaction records and to report the incident by calling 1930 or visiting In emergencies, assistance is also available via WhatsApp or phone on 8712665171.
Time of India
2 hours ago
- Time of India
Cybercrooks keep two Bengaluru women under digital arrest, make them strip
Bengaluru: In a chilling reminder of how far cybercriminals will go, two women were digitally held hostage and forced to strip by fake cops in a digital arrest scam . The criminals had ordered the women to disrobe as part of an online "physical examination" to identify birth marks and moles. The women, who are childhood friends, realised they were victims of online fraud and extortion only when they reached out to another friend after being held hostage by the cybercriminals for nearly nine hours, despite having transferred Rs 58,447 to them. A complaint has been lodged with the East CEN Crime police. While Anne (name changed) is a resident of the city, her friend Richa, who works in Thailand as an instructor, was on a visit to Bengaluru when the duo got trapped in a web of deception. Their ordeal started at 11am on July 17 when Richa received a call from the number 8856062795. The caller introduced himself as a police officer from Colaba police station in Mumbai and accused her of being involved in money laundering linked to Jet Airways founder Naresh Goyal. He also accused her of being involved in human trafficking and a murder case. You Can Also Check: Bengaluru AQI | Weather in Bengaluru | Bank Holidays in Bengaluru | Public Holidays in Bengaluru A shocked Richa tried to explain she was on a visit to India and had no connection to the case. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like Dementia Has Been Linked To a Common Habit. Do You Do It? NeuroVita Global Learn More Undo The caller, however, shared details of a debit card she was using and managed to scare her of arrest. Spooked on being furnished with her personal debit card details and official-looking documents, including forged arrest warrants and Central Bureau of Investigation ID cards, Anne also was convinced and fell prey to the ruse. While more fraudsters joined in, the women were made to believe the call was being made from a police station. To further deceive the women, the fraudsters made a video call claiming to connect them to officers from CBI. The crooks told the women they had to be kept under digital arrest at home, and had to stay on a WhatsApp video call for 24 hours. They told the victims that according to Reserve Bank rules, the transactions done from their bank accounts needed to be verified. The women were told to transfer money to an account provided by the fraudsters, on the promise it would be returned after the verification process if the money wasn't found to be black. Richa transferred Rs 58,447 from her bank account. The fraudsters also impersonated officials from the Telecom Regulatory Authority of India and Delhi police. Online medical exam After receiving the money, the fraudsters told the victims they needed to get clearance, for which they had to undergo a medical examination online. This was to identify and ensure there were no "bullet marks, moles, or tattoos" on their bodies. The women were asked to strip naked and follow instructions, which they complied with, Anne told police, adding that she was also told that her entire house was under surveillance and an arrest warrant was issued against Richa. A senior police officer said the women had no idea that the fraudsters were recording them nude under the pretext of medical examination. When the women stripped, the miscreants also allegedly body shamed them. Helpful call to friend After suffering tremendous pressure and harassment, Richa decided to reach out to a friend for assistance. She made a WhatsApp call around 8pm, and after she explained the ordeal, the friend advised her to disconnect all the calls and not transfer any more money. After the call was disconnected, the fraudsters attempted to reach the women again and sent across their nude photos and videos, threatening to make them public. Anne told police that the photos and videos shared by the fraudsters to both their phones weren't downloaded or saved. They deleted them as they had been digitally and physically abused and under tremendous fear and shame for nine hours. A senior police officer said a case has been registered under various sections of the Information Technology Act and Section 318 (cheating) of Bharatiya Nyaya Sanhita.
Time of India
7 hours ago
- Time of India
Rs 15L via 71 bank transfers: No bail for man accused of rape, blackmail in Gurgaon
Gurgaon: A district court refused to grant bail to a man accused of raping a woman and forcing her to transfer Rs 15 lakh into his account. Gagandeep, originally from Punjab, forced the survivor to transfer money into his account over 71 times. The rape accused extorted the money by threatening to upload her objectionable videos and photos that were taken during the alleged assault. For three years, the accused had sexually assaulted the woman besides blackmailing her, according to the case diary. The woman went to Malaysia, but the exploitation and blackmail continued. You Can Also Check: Gurgaon AQI | Weather in Gurgaon | Bank Holidays in Gurgaon | Public Holidays in Gurgaon A fake suicide bid forced her to return to India. On March 11, she lodged a complaint with the city police alleging rape, blackmail and extortion. The accused, in his 40s, was arrested from a hideout in a remote area of Jharkhand on April 20. The counsel for the complainant, Manish Shandilya, said, "If released on bail, he could pressure the witnesses." Additional sessions judge Vinay Sharma said the allegations against the accused are very serious in nature. The court pointed out bank details in the form of evidence presented by the police show that on as many as 71 occasions, money transactions had been made by the survivor from her account to the account of the accused. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like Why Crypto CFDs May Suit Your Portfolio IC Markets Learn More Undo The WhatsApp chats also substantiated that the accused forced her to transfer the money. It also showed that the accused took some objectionable photographs and videos of the survivor, the court said. "Considering the seriousness and gravity of the offence alleged to have been committed by the accused, prima facie no justifiable ground to extend the concession of bail is made out," the court said, declining the bail petition. In her complaint, the survivor had alleged that in 2022, Gagandeep, who was a friend of her brother, met her, and they exchanged their mobile numbers. Soon, Gagandeep became friendly with her and started talking to her on the mobile phone on a regular basis. On June 2, 2022, the accused came to her house. When he learnt that her husband would come at 7pm, he allegedly brought two small soft drink bottles and gave one bottle laced with sedatives to her to drink. After sometime, as she started feeling dizzy, the accused allegedly assaulted her and fled.
