Pune Cyber Police Heighten Vigilance Ahead of Valentine's Day to Combat Digital Frauds
In Pune, cyber police and cybersecurity experts are maintaining a close watch on online activities in the lead-up to Valentine's Day, a period historically marked by a significant increase in digital frauds. This surge is driven by heightened online shopping, gifting, and social media interactions as people celebrate the occasion.
Authorities Issue Warnings Against Common Scams
The Union home ministry's cyber safety outreach handle, Cyber Dost, has issued urgent advisories, urging internet users to exercise extreme caution. They specifically highlight risks associated with suspicious links, unexpected deliveries, and phone calls from individuals posing as delivery agents during 'Valentine's Week'. Officials explain that scammers frequently exploit the festive atmosphere by distributing fake e-cards, gift links, and romantic messages. These are cleverly designed to deceive users into clicking on malicious URLs or divulging personal and financial information.
In more sophisticated schemes, fraudsters impersonate delivery personnel and attempt to activate call forwarding on victims' mobile phones. This tactic allows them to intercept one-time passwords (OTPs) and gain unauthorized access to bank accounts, leading to substantial financial losses.
Expert Insights on Modus Operandi and Protective Measures
A senior official from the Pune cyber cell emphasized additional precautions, particularly regarding QR codes and payment requests circulated via social media or messaging platforms during this season. "When scanning a QR code, always verify its authenticity. For online transactions, never transfer money to unknown bank accounts," the officer stated. He elaborated that criminals often distribute counterfeit payment QR codes while masquerading as sellers or delivery partners for Valentine's Day gifts.
The official further noted that cybercriminals aggressively propagate messages on WhatsApp and other social media platforms, featuring enticing offers for Valentine's Day gifts and discounts. "These messages frequently contain links that trigger the download of APK files—Android application packages used to install apps outside the official Google Play Store. Such files can deploy malicious applications that steal personal data, access SMS and banking OTPs, or even seize control of devices," he warned.
Cybercrime investigation expert Sandip Gadiya shared detailed accounts from recent cases. "I encountered two incidents related to Valentine's Day cyber frauds, both employing similar tactics. Victims received messages from unknown numbers on WhatsApp or Telegram. Upon clicking the shared link, an APK file automatically downloaded onto their phones," Gadiya explained.
He continued, "Once the user opens that APK file, the fraudster gains complete access to the entire device. This occurred in both cases, where the attacker not only accessed all OTPs via SMS but also hijacked the victim's WhatsApp account. From there, the fraudster disseminated the same deceptive Valentine's Day messages to all of the victim's contacts."
Describing a second case, Gadiya highlighted how the fraudster again used a WhatsApp message link to target the victim. "After the victim clicked the link, an APK file was downloaded, and the attacker attempted to infiltrate the victim's phone and Google Pay account. Although technical glitches prevented success, this incident underscores how attackers are actively seeking to control payment applications through such malicious downloads," he added.
Essential Safety Recommendations from Experts
Gadiya offered crucial advice for the public: "Individuals must adhere to several key precautions. Avoid clicking on links from unknown sources and never download APK files sent through such messages. The ministry of home affairs' cybercrime department recommends specific apps for protection. One is mKavach 2, developed by C-DAC, which removes high-risk applications from phones and identifies malicious APK files that may have been inadvertently downloaded. Additionally, installing an eScan bot removal tool can help detect and eliminate malicious bots operating on devices."
Another cybersecurity expert stressed the importance of vigilance regarding physical deliveries and information requests. "People should refrain from accepting unknown parcels delivered in their name and remain alert to calls soliciting sensitive information. Victims of cyberfraud should report incidents immediately by calling the national cybercrime helpline at 1930 or filing a complaint on the official cybercrime portal," the expert advised.
This proactive monitoring and public awareness campaign aim to safeguard users during a vulnerable period, ensuring that celebrations are not marred by digital threats.
