The Incident in Hingoli District
A government employee in India’s Maharashtra state has become the latest victim of cyber fraud after falling for a deceptive WhatsApp message. The man, based in Hingoli district, reportedly lost nearly ₹2 lakh (around USD 2,300) when he clicked on a malicious file disguised as a wedding invitation.
According to local media reports, the victim received a WhatsApp message in late August, inviting him to a wedding scheduled for 30 August. The message contained warm greetings and an attachment that appeared to be a PDF file. Believing it to be a genuine wedding card, he clicked the attachment.
However, instead of opening a harmless invitation, the file turned out to be an Android Package Kit (APK) — a type of file used to install applications on Android devices. Once installed, the file gave hackers remote access to the victim’s phone and sensitive financial information.
Within minutes, cybercriminals transferred ₹1,90,000 from his bank account.
Complaint and Police Action
The victim has since lodged a complaint against an unidentified suspect. Maharashtra’s cyber police confirmed they are investigating the case. Authorities in Himachal Pradesh have also issued a warning, urging citizens to remain vigilant about suspicious links and attachments received through social media platforms.
Police officials highlighted that the case is part of a broader trend of cyber scams exploiting human trust and social customs. In India, where wedding invitations are often shared digitally through WhatsApp and other apps, criminals are increasingly using this cultural norm as a trap.
How the Scam Works
Cybersecurity experts note that APK files are a common tool for hackers. When unsuspecting users download and install these files, they unknowingly grant permission for the malicious app to access personal data, including contacts, text messages, and banking information.
Fraudsters often disguise such files as innocuous items — invoices, delivery receipts, or in this case, a wedding card. Once the malware is installed, it can run in the background, sending sensitive details to hackers without the user’s knowledge.
A Growing Cybersecurity Challenge in India
Cybercrime has become a major challenge in India, with scams ranging from phishing emails to fraudulent loan apps. According to India’s National Crime Records Bureau (NCRB), over 65,000 cases of cybercrime were registered across the country in 2022, marking a steady year-on-year increase.
Financial fraud accounted for nearly 60% of those cases. Experts say the actual numbers may be higher, as many incidents go unreported due to fear or lack of awareness.
The rise of smartphone use and mobile banking has made digital fraud more lucrative for criminals. With over 450 million WhatsApp users in India — the platform’s largest market globally — scammers see it as fertile ground for targeting individuals.
Police and Expert Warnings
Following the Hingoli case, cyber police have urged citizens to:
-
Avoid clicking on unknown links or files.
-
Refrain from downloading APK files from unofficial sources.
-
Regularly update phone security settings.
-
Use verified anti-virus software.
Authorities also stress the importance of raising awareness, especially among elderly users and those less familiar with digital security.
Cybersecurity specialists recommend enabling two-factor authentication on banking apps and closely monitoring transaction alerts. They emphasize that prevention remains the best protection, as recovering stolen funds is often difficult once they are transferred.
A Reminder of Digital Risks
The case in Hingoli highlights how cybercriminals are exploiting cultural traditions and everyday digital interactions. A simple click on what appeared to be a routine wedding invitation cost the victim his savings, underscoring the urgent need for caution in the digital age.
As digital communication becomes more integrated into social life, experts warn that scams will continue to evolve. For individuals, the lesson is clear: verify before you click.
