Ahmedabad Cyber Alert: New 'Accident Alert' Scam Steals Money Without OTPs
Ahmedabad: New 'Accident Alert' Scam Steals Money Without OTPs

Ahmedabad Cyber Alert: New 'Accident Alert' Scam Steals Money Without OTPs

In a disturbing development in cybercrime, fraudsters in Ahmedabad and surrounding regions have devised a new and insidious method to exploit human emotions, specifically fear and urgency. They are circulating alarming "accident alert" messages that falsely warn recipients about a close relative being involved in a serious mishap. This scam has rapidly spread across rural and semi-urban areas, leading to significant financial losses for victims, even without them sharing OTPs or sensitive banking information.

How the Scam Unfolds: A Case Study from Kheda

A recent incident in Kheda district highlights the modus operandi. A farmer received a phone call from an unknown number, claiming that one of his relatives had been involved in a severe accident. The caller, sounding urgent and authoritative, informed him that photographs of the injured person would be sent via WhatsApp for verification. After delivering this distressing news, the caller abruptly disconnected the call.

Shortly after, the farmer received what appeared to be an image file on WhatsApp. Driven by concern, he clicked on the file. Instead of a photograph, he encountered a scanner-like interface on his screen. Sensing something suspicious, he immediately deleted the file and switched off his phone as a precautionary measure.

However, the damage was already done. Hours later, when he visited an ATM to withdraw cash, he was shocked to discover that nearly Rs 50,000 had been debited from his bank account without his authorization. A subsequent investigation at his bank revealed that the funds were siphoned off through an online transaction routed via a UPI-based transfer. The victim has since lodged a formal complaint with the cybercrime helpline and local police, but the incident underscores the sophistication of this new threat.

Technical Analysis: The Role of Remote Access Trojans

Cybersecurity experts have analyzed this fraud and identified it as involving remote access trojans (RATs) concealed within image files, typically disguised as common JPEGs. An official explained, "The moment the victim opens the file, malicious software is silently installed on the phone. This malware grants fraudsters remote access to monitor the device, infiltrate banking applications, and initiate unauthorized transactions without the victim's knowledge or consent."

Unlike conventional scams that rely on victims sharing OTPs, PINs, or clicking on phishing links, this method is more covert. The malware exploits accessibility permissions on smartphones and operates stealthily in the background, making detection extremely difficult until the money has already been withdrawn. This represents a significant escalation in cybercriminal tactics, bypassing traditional security measures that alert users to suspicious activities.

Police Warnings and Preventive Measures

Police and cybercrime officials have issued urgent warnings to citizens, advising them to exercise extreme caution with unsolicited files or links received on messaging platforms like WhatsApp, especially those designed to trigger panic or emotional distress. An officer emphasized, "Fraudsters rely heavily on emotional manipulation. Messages about accidents, hospitalisation, or police emergencies are crafted to force quick, unthinking reactions from victims. It's crucial to remain calm and verify such information through direct contact with family or authorities before taking any action."

To protect themselves, individuals are advised to:

  • Avoid opening unsolicited files or links from unknown senders, even if they appear to be image files.
  • Verify alarming messages independently by calling family members or relevant institutions directly using known, trusted numbers.
  • Keep smartphone security updated with the latest software patches and use reputable antivirus applications.
  • Monitor bank accounts regularly for any unauthorized transactions and report suspicious activities immediately to banks and cybercrime authorities.

This new scam serves as a stark reminder of the evolving nature of cyber threats in India, where criminals are increasingly leveraging psychological tactics and advanced malware to bypass security protocols. As digital transactions become more prevalent, staying informed and vigilant is paramount to safeguarding personal finances and data.