A 37-year-old homemaker from Nikol, Ahmedabad, has reportedly lost more than ₹7.46 lakh after cyber fraudsters allegedly used a fake bank KYC update message, a malicious APK file and impersonation tactics to gain access to her bank account.
The victim, identified as Neelam Patel, was allegedly targeted through WhatsApp messages claiming that her Bank of India account required an urgent KYC update. The message carried a link and an APK file named “BOI Pan Card Update.apk”, which appeared to be related to Aadhaar and PAN verification. However, the file was allegedly designed to steal sensitive banking details once installed on a mobile device.
According to the complaint, the message was received on May 19, 2026, from an unknown number. At first, the family did not act on it. Later, after an informal discussion at a local bank branch, they reportedly believed the message could be genuine. The victim’s husband then installed the application, which became the starting point of the financial breach.
Soon after the application was installed, the victim began receiving debit alerts and OTP notifications for transactions she had not initiated. This raised suspicion, and further checking revealed that money had been transferred from her savings account in multiple instalments.
The fraudsters allegedly used different transaction routes, including IMPS transfers and bill payments, to move the stolen funds. The reported transaction amounts included ₹1.79 lakh, ₹1.95 lakh, ₹49,500, ₹1.24 lakh, ₹25,000 twice and ₹1.48 lakh. Together, the unauthorised debits added up to around ₹7.46 lakh.
Investigators suspect that the APK file may have worked as a data-stealing tool. Such malicious applications can collect banking credentials, read OTP messages, monitor phone activity and give fraudsters access to account-related information. In many cyber fraud cases, the victim does not immediately realise that the device itself has been compromised.
A serious part of the case is the reported change of the email ID linked with the victim’s bank account. The accused allegedly replaced her original Gmail ID with another email address. This step may have allowed the fraudsters to control account recovery and authentication channels, making the fraud deeper than a simple one-time transaction theft.
The case shows how cybercriminals use social engineering to create panic and urgency. By pretending to be bank officials and using words like KYC, PAN update and account verification, fraudsters make victims believe that immediate action is needed to keep their bank accounts active. This pressure often leads people to click links or install files without proper verification.
After noticing repeated unauthorised debits, the victim contacted the national cybercrime helpline 1930 and also filed a complaint through the cybercrime reporting portal. The bank was informed so that further access could be blocked and the account could be secured.
Ahmedabad Cyber Crime Police have registered a case and started an investigation. Officials are now trying to trace the WhatsApp number used in the fraud, identify the accounts where the money was transferred and examine the digital trail left behind by the attackers.
No arrests have been reported so far. The investigation is focusing on transaction chains, device-level forensic checks and possible links with similar APK-based fraud cases in Gujarat and other parts of India.
This incident is another reminder that bank-related messages received through WhatsApp, SMS or unknown links should never be trusted without direct verification. Banks generally do not ask customers to install APK files or share OTPs for KYC updates. Users should download banking apps only from official app stores and should avoid opening files sent by unknown numbers.
For families and small businesses, the case also highlights the importance of maintaining clear financial records and checking bank statements regularly. When transactions are reviewed on time, suspicious debits can be spotted faster and reported within the critical window. In this wider financial safety context, organised record-keeping through bookkeeping services in india can help businesses monitor cash flow, reconcile accounts and detect unusual entries before they become larger losses.
The broader lesson from this case is simple: cyber fraud is no longer limited to fake calls or OTP sharing. Fraudsters are now using mobile malware, account recovery changes and trusted banking language to take control of financial accounts. Awareness, verification and regular transaction monitoring remain the strongest first line of defence.