A 63-year-old businessman from Ahmedabad lost Rs 9.22 lakh after falling victim to a cyber fraud that began with a phone call offering a 'senior citizen pension card.' The fraudsters allegedly tricked him into installing a malicious mobile application that granted them access to his banking details.
How the Scam Unfolded
The victim, a resident of Vasna who runs an air conditioner business near Gujarat University, received a call on June 1 from a person claiming to be from a private bank. The caller asked if he was interested in obtaining a senior citizen pension card. When the businessman declined, the caller warned him that he must formally cancel the offer or face issues with his bank account and fixed deposits.
As part of the cancellation process, the caller sent the victim a WhatsApp message from another mobile number, which displayed the bank's logo as its profile picture. The message contained an APK file with the bank's name and 'pension card' in the filename. Believing the communication to be genuine, the businessman downloaded the application and joined a video call with the fraudster, who guided him through the installation process. During the call, he was asked to provide personal information, including his Aadhaar and PAN card details.
The Aftermath
The next day, multiple SMS alerts began arriving on his phone regarding Aadhaar updates, debit card PIN changes, and net banking activities. Alarmed, he checked his bank account and found that two fixed deposits worth more than Rs 8.9 lakh had been prematurely broken, and the amount transferred to his savings account. Police said the money was then moved through a series of transactions to multiple bank accounts and payment gateways. The total loss was calculated at Rs 9.22 lakh.
Action Taken
The victim immediately contacted the national cybercrime helpline 1930 before filing a formal complaint with the Cybercrime police. Investigators suspect the APK file contained malware that enabled the fraudsters to remotely access the victim's mobile phone, capture banking credentials, and intercept one-time passwords. A case has been registered against unidentified persons for cheating, identity theft, and unauthorized access to digital systems. Police have launched an investigation to trace the beneficiaries of the transactions.
