A new cyber fraud exploiting a government welfare scheme has raised concerns, with authorities warning users about malicious links and APK files being circulated to hack mobile phones and steal money.
Officials in Kerala have flagged a scam linked to the Pradhan Mantri Kisan Samman Nidhi scheme, where fraudsters are sharing files named “PM KISAN.apk” through social media and messaging platforms. These files falsely claim to help users register for the scheme or instantly receive ₹6,000.
However, once the file is downloaded and installed, a harmful application is silently installed on the device. This malware gains access to messages, calls, banking apps, and even screen activity, allowing cybercriminals to capture sensitive data such as OTPs, passwords, and financial details.
Experts say the attack uses remote access techniques, enabling fraudsters to take full control of the device and carry out unauthorised transactions without the user’s knowledge.
Authorities clarified that this scam is not limited to PM-KISAN. Similar APK-based frauds are being circulated in the name of services like electricity bill payments, KYC updates, gas booking, and traffic fines. These links are often shared via WhatsApp, Telegram, or email, along with urgent messages such as “your account will be blocked,” “update immediately,” or “last chance to claim government benefits.”
The PM-KISAN scheme provides ₹6,000 annually to farmers in 3 installments directly into their bank accounts, making it a common target for misuse. Officials stressed that registration is only possible through the official portal and any external link or app should be treated as fraudulent.
Future Crime Research Foundation also warned that such malware attacks using government scheme branding have increased sharply, with infected devices sometimes being turned into bots to spread further attacks.
Experts advised users to download apps only from trusted platforms like Google Play Store and Apple App Store.
Authorities urged users to avoid downloading APK files from unknown sources, keep “Install from Unknown Sources” disabled, never share OTPs or banking details, and report suspicious activity immediately to banks or cyber helplines.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
