fake wedding cards: Fake wedding cards emptying bank accounts

Share This Post


The wedding season has brought to the fore a new fraud tactic: fake wedding cards.

Scammers are sending malicious wedding card pdf documents on WhatsApp that, when opened, downloads malware on the recipients’ device. In Rajasthan’s Bikaner, a man lost Rs 4.5 lakh from his account four days after he opened a wedding card document received from an unknown number.

The cyber departments in Himachal Pradesh, Rajasthan, Uttar Pradesh and Gujarat have issued warnings about opening such documents.

“Fake wedding cards coming on WhatsApp are emptying bank accounts,” the Ahmedabad Cyber Crime department said in a post on microblogging platform X on Sunday. “After sending fake wedding cards (apk file), people unknowingly click on it. After this, the apk file gets auto installed in the device and your device is hacked,” it said.

An APK (Android Package Kit) file is a file format used to distribute and install apps on Android devices which can be downloaded from Google Play Store or other websites. Phishing or malware apk files are created on non-Google platforms to avoid the tech firm’s scrutiny. Apple’s iOS devices do not download any other files/apps outside of the Apple Store.


Such malware attacks change with seasons, said Maharashtra special inspector general of police Yashasvi Yadav. “Sometimes it’s a lottery ticket pdf, or telephone bill, or ecommerce gift card. This time it’s the wedding card bait. The end objective of the scammer is to take control of your device,” he said. “We advise citizens to install malware-protection apps in their phones to prevent the installation of such apk files.”

Discover the stories of your interest


Cyberattacks in India are increasing by the day with criminals coming up with new modus operandi. In 2023, Indians lost Rs 120.30 crore to digital arrest scams, Rs 1,420.48 crore in trading scams, Rs 222.58 crore in investments scams and Rs 13.23 crore in romance/dating scams, according to the Indian Cybercrime Coordination Centre (I4C).More than 740,000 complaints were reported in India in the first four months of 2024, involving a loss of over Rs 1,750 crore, I4C data showed.

Experts said scammers are capitalising on an element of personalisation and suspense to bait users into clicking on malicious texts, links and documents.

“Primitive techniques of OTP-related frauds are now failing thanks to the awareness that banks have created among citizens,” said Dhiraj Gupta, cofounder and chief technology officer of digital fraud intelligence company MFilterIt. “Therefore, you will see a personalisation factor with the scammer making targeted attacks with victim’s names, family members, addresses and much more. That is why these wedding card scams do not raise suspicion for recipients,” he said.

Cybersecurity company Infopercept Consulting said these tactics are just the surface of a larger scheme. “In the background, cybercriminals aim to trick users into downloading malicious apk files,” said chief executive Jaydeep Ruparelia.

“Once downloaded, these files can give the attackers complete control over your phone. They can access your SMS messages, WhatsApp chats, net banking apps and more. For example, they can initiate a net banking transaction at night, intercept the OTP and drain your account,” he said.

Once they gain control of your phone, they can even impersonate and target other contacts with similar scams, perpetuating the cycle, he explained.



Source link

spot_img

Related Posts

spot_img