Ahmedabad Nursing Staffer Defrauded of Rs 7 Lakh in Sophisticated WhatsApp Cyber Attack
A 55-year-old nursing staff member employed at Asarwa Civil Hospital in Ahmedabad has become the latest victim of a sophisticated cyber fraud scheme, losing a staggering Rs 7 lakh from her salary account. The incident, which highlights the growing threat of mobile-based financial crimes, was detailed in a police complaint filed on Sunday with the city's cybercrime unit.
Details of the Financial Heist
According to the official complaint, the victim, a resident of Naroda, maintained her primary salary account with Union Bank of India. The alarming discovery began on the morning of October 28, 2025, when she noticed a bank message indicating her account balance stood at approximately Rs 4 lakh. This immediately raised suspicions, as she knew her actual balance should have been closer to Rs 9 lakh.
Upon further investigation, the nursing staffer found multiple debit alerts on her mobile phone that she had not authorized. When she attempted to access her bank's official mobile application to verify the transactions, the app failed to open completely, adding to her growing concern.
Bank Investigation Reveals Systematic Fraud
The victim promptly visited her bank branch, where officials conducted a thorough examination of her account activity. Their investigation revealed that five separate IMPS transactions, totaling exactly Rs 7 lakh, had been executed between October 28 and 29, 2025. The stolen funds had been systematically transferred to multiple different accounts without the account holder's knowledge or consent.
The Malicious APK File That Started It All
During the subsequent police inquiry, a critical detail emerged about the events leading up to the financial theft. Approximately two days before the fraudulent transactions occurred, the nursing staffer had received a WhatsApp message from an unknown telephone number. The message contained a file titled "RTO UPDATE YOUR CHALLAN2.apk" which appeared to be related to vehicle registration or traffic fine updates.
After downloading and installing this APK file on her mobile device, cyber criminals allegedly gained complete unauthorized access to her smartphone. This access enabled them to steal sensitive banking credentials and, most critically, intercept one-time passwords (OTPs) that are typically required to authorize financial transactions.
Police Response and Legal Action
Following the discovery of the substantial financial loss, the victim immediately registered a formal complaint through the national cybercrime helpline and portal. The Ahmedabad police have registered an offense under multiple sections related to cheating and identity theft against unknown persons.
The case specifically targets the unidentified sender of the malicious APK file as well as the holders of the beneficiary accounts that received the stolen funds. This incident serves as a stark reminder of the sophisticated methods employed by cyber criminals to exploit unsuspecting individuals through seemingly legitimate mobile applications and messaging platforms.
Financial cybersecurity experts emphasize the importance of never downloading applications or files from unknown sources, even if they appear to come through trusted messaging platforms like WhatsApp. Official banking applications should only be installed through authorized app stores, and users should remain vigilant about any unexpected messages containing downloadable content.
