ADVERTISEMENT

Elderly Ballygunge Place resident cheated out of money in online bid to buy groceries

Android programming kit is a software that fraudsters use to gain remote access to victim’s phone, without waiting for OTP

Monalisa Chaudhuri Gariahat Published 17.07.23, 05:08 AM
Representational image

Representational image File picture

An elderly resident of Gariahat was cheated out of his money through an “APK” link while he was trying to buy groceries online after seeing a lucrative offer in an advertisement with the logo of a reputable grocery portal on a social media page last week, police said.

An “android programming kit (APK)” is a software that fraudsters use to gain remote access to the victim’s phone, enabling them to carry out fraudulent online transactions without waiting for the victim to share any OTP.

ADVERTISEMENT

The 70-year-old Kolkatan, who thought it was safe to order groceries online by choosing the “cash on delivery” option, was asked to fill in an “online form” by clicking on a link. Minutes later he received text messages from his bank informing him that a total of Rs 32,908 was debited from his account.

Dipankar Sarkar, a resident of Ballygunge Place, and his family members have reported the fraud to Gariahat police station.

“My father-in-law saw an advertisement of an online grocery portal which was offering a good discount. He wanted to place an order and asked me to finalise the order with ‘cash on delivery’ option, thinking that would be safe as no online transaction was involved,” said Sohini Ghosh Sarkar.

Minutes after placing the order, Dipankar Sarkar received a phone call.

“The caller said he was from the online portal where we had placed the order. He said he had called to inform us that our order would reach us between 2pm and 4pm. He then said that my father-in-law just needed to complete a formality by typing his name and mobile number in an online form that would be sent to us. Then a link was sent through WhatsApp,” Ghosh Sarkar said.

The elderly man clicked the link and an APK form was downloaded on his phone, the police said. A few minutes after he typed his name and number, he received four text messages.

“The first message said an OTP had been generated. Soon, another message came that said Rs 31,729 had been debited from my father-in-law’s account for online purchase of apparel from a portal,” said Ghosh Sarkar.

Before the family could understand what was happening, came a third message saying yet another OTP had been generated and then came a fourth which said Rs 1,179 had been debited for a purchase from another e-commerce site.

In both cases, Ghosh Sarkar said, the money had been debited though the family did not share the OTPs.

Realising that they had been duped, she contacted the bank’s customer care and got her father-in-law’s debit card blocked.

The family then lodged a complaint with the bank and Gariahat police station.

“The downloading of APK files results in the installation of malware in the phone. Fraudsters get remote access to the victim’s phone through the malware and can initiate financial transactions. They can also see OTPs sent to the victim’s phone,” an officer said.

It is best not to click on any link shared by unknown persons even if it appears harmless, the officer warned.

Follow us on:
ADVERTISEMENT