A routine online search turned into a costly cybercrime incident, exposing how advanced digital fraud tactics have become. A 57-year-old man from Rajasthan’s Ajmer lost ₹3.66 lakh after unknowingly clicking on a malicious WhatsApp link while trying to find a doctor’s contact number for his child’s treatment.
According to police, Mukesh Surana, a resident of Arihant Colony on Pushkar Road, searched online on April 18 for a doctor’s number at a private hospital in Khailand Market. After calling a number listed online, he received a callback from another mobile number, which initiated the fraud.
Investigators said the caller posed as a hospital representative and sent a WhatsApp link for appointment booking. Although the victim refused to pay a ₹10 UPI fee, the fraud had already begun once he clicked the link. Cyber experts confirmed the link acted as malware, allowing unauthorized access to his phone and sensitive data.
On April 22, the victim received an alert for a ₹99,999 withdrawal. He later found that his banking SMS alerts had been redirected to 3 unknown mobile numbers. Further checks revealed ₹3,66,199 had been withdrawn in 5 transactions without his knowledge.
Account blocked and cyber complaint filed
The victim immediately contacted the bank to block his account and reported the incident on the national cyber helpline 1930. A formal FIR was also registered at the cyber police station. Officials said timely reporting helped prevent further losses.
Cyber police traced transaction trails and analyzed digital evidence. Early findings indicate a structured cybercrime operation using advanced social engineering methods. Techniques like fake links, SIM manipulation, and SMS forwarding were used to access OTPs and banking alerts.
Possibility of organized cybercrime syndicate
Authorities suspect the case could be linked to a larger cybercrime network operating across multiple states. Such groups reportedly use phishing links, call centers, and malware tools to extract financial and personal data.
Experts warned that fraudsters now use convincing WhatsApp messages, cloned websites, and fake booking systems. Once a malicious link is clicked, attackers can access phone permissions, SMS data, and banking authentication details.
Police advisory for public safety
Cyber police have urged people to avoid clicking on unknown links and to verify contact details through official sources before sharing any information. Immediate reporting of suspicious activity is strongly advised.
The case highlights how a simple search and a single click can compromise financial security. Investigations are ongoing to identify other members of the network and possible additional victims.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
