Mumbai, March 29 (IANS) Cyber fraud cases are witnessing a sharp surge in Mumbai, with scammers posing as officials of Mahanagar Gas Limited (MGL) to dupe unsuspecting residents and empty their bank accounts within minutes using malicious APK files, police officials said on Sunday.
Investigators said fraudsters are exploiting the ongoing gas shortage across the country, a situation further aggravated by tensions linked to the United States and Iran conflict, to create panic among consumers.
Under this pretext, an organised cybercrime network has been targeting people by issuing threats of gas disconnection and manipulating them into downloading harmful applications.
Several such cases have emerged across Mumbai in recent weeks, revealing a highly coordinated pattern of fraud in which victims are tricked into making small payments before losing control of their mobile devices and bank accounts, police said on Sunday.
According to police data, these incidents are being reported almost daily, and in just the past month alone, fraudsters have collectively siphoned off close to Rs 1 crore.
One of the recent victims, Mitul Doshi, a 20-year-old businessman from Mulund West, was targeted on the morning of March 26 when he received a message claiming that his gas bill was overdue and warning that his connection would soon be disconnected.
Assuming the message to be legitimate, he paid Rs 1,150 as instructed. Later that evening, he received a call from a person claiming to be an MGL representative, who said the payment had not been updated in their system. The caller then sent him an APK file titled ‘Mahanagar gas bill update.apk’, asking him to complete the process, officials said.
The moment the file was downloaded and Doshi entered his banking credentials, the fraudsters gained unrestricted access to his phone and financial accounts. Within minutes, Rs 11.82 lakh was transferred out through multiple transactions, leaving him with no control over his funds.
A similar incident was reported in Malad East, where a 75-year-old retired man was targeted with a WhatsApp message carrying the official MGL logo and a warning of disconnection. The message demanded a nominal ‘system update’ fee of Rs 10, officials said.
Believing it to be genuine, the elderly victim downloaded the APK file and entered his card details. Within approximately 20 minutes, Rs 8.59 lakh was withdrawn from his account.
Police officials said these are not isolated cases but part of a larger, organised cyber fraud racket. Over the past month, dozens of complaints have been registered at different police stations across the city, collectively accounting for losses nearing Rs 1 crore.
In many instances, fraudsters deliberately use small amounts, such as Rs 7 to Rs 10, to lower suspicion and lure victims into downloading the malicious file without hesitation.
Investigations have revealed a consistent modus operandi followed by the syndicate. Victims first receive a message via SMS or WhatsApp claiming that their gas bill is pending and that their connection will be disconnected imminently.
This is followed by a phone call from a scammer impersonating a company official, who then sends an APK file under the guise of a ‘bill update’ or ‘system verification’.
In reality, the file contains malware that, once installed, allows fraudsters to access OTPs, banking credentials, and even remotely control the victim’s mobile device.
Within a matter of minutes, money is transferred out of the account, often before the victim realises what has happened.
Warning the public about the rising threat, Cyber Police officials said, “No gas company or authorised agency sends APK files for payments or updates, and no official will ever ask for OTPs, passwords, or banking details over a phone call.”
Authorities have urged citizens to rely only on official websites or authorised mobile applications for any information related to gas bills or connections and to avoid clicking on unknown links or downloading suspicious files.
In case of such fraud, victims are advised to immediately report the incident by calling the National Cyber Helpline at 1930 and ensure that their bank accounts are frozen without delay to prevent further financial loss, officials said.
–IANS
sd/