A serious case of cyber fraud has surfaced from Lucknow, where a trading businessman lost ₹52.31 lakh over 41 days after unknowingly installing a malicious APK file on his phone. The incident highlights how minor lapses in digital caution can lead to major financial losses.
The victim, Mohammad Salim, a resident of Ashbagh, said the fraud began in 01 when he received a link on his mobile that appeared normal. After clicking it, an APK file was automatically downloaded and installed. Although he later deleted the app, cybercriminals had already gained access to his device.
The fraud was discovered in 03 when Salim visited his bank to update his passbook. Officials informed him that multiple transactions had taken place between 01/13 and 02/23, leading to withdrawals of ₹52.31 lakh. He then filed a complaint, triggering an investigation.
Initial findings suggest the APK file contained malware that allowed attackers to monitor mobile activity and access sensitive banking details, including login credentials and transaction data. The money was transferred in small amounts to multiple accounts over several weeks to avoid detection.
Cybersecurity experts explain that APK files, used to install apps outside official platforms like Google Play Store, can carry hidden malware if sourced from unverified links. Once installed, such apps can give hackers remote control over a device.
Commenting on the case, cybercrime expert and former IPS officer Triveni Singh said criminals rely on “social engineering” tactics. “Fraudsters design links and files to appear trustworthy—such as wedding invitations, bank alerts, or official notices. The moment a user downloads such files, they unknowingly hand over control of their device to criminals,” he explained.
In a separate case from Chowk, another individual lost ₹51,000 after receiving a call from someone posing as an insurance agent offering policy renewal services. Investigators noted that such scams are becoming more planned and deceptive.
Authorities advise users to avoid clicking unknown links or downloading APK files from untrusted sources, including platforms like WhatsApp. Victims of cyber fraud should immediately call the national helpline 1930 or report the incident on the official government portal.
The investigation is ongoing, with officials tracking transaction trails and digital evidence. More arrests are expected as the probe continues.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
