Srinagar, Dec 27: A harmless festive greeting on WhatsApp is emerging as a new tool for cyber fraud, with users being tricked into downloading malicious APK files that can compromise their smartphones and bank accounts.
The scam typically begins with a message wishing users a happy festival or New Year and urging them to download an attached APK file to view customised greetings or images.
Soon after installing the file, victims may notice unusual activity on their phones, including apps opening automatically, contacts being accessed, and in some cases, unauthorised bank transactions.
Cyber police officials here said that these APK files are designed to silently gain control of devices once installed. Such cases tend to increase during festive periods, when people are more likely to click on unfamiliar links or download files without careful verification.
An Android Package Kit, or APK, is a file format used to install applications on Android smartphones, similar to executable files on Windows computers. While apps downloaded from the Google Play Store are generally safe, APK files can also be shared through messaging platforms or third-party websites, a process known as sideloading.
Experts warn that APKs from untrusted sources may contain malware capable of accessing personal data or causing financial losses.
Cyber officials said earlier versions of the scam used government-related file names such as RTO Challan.apk or SBI Yojna.apk. More recently, fraudsters have shifted to festive themes, using names like New Year Gift.apk, Christmas Greeting.apk or Last Year Party Pics.apk to make the file appear harmless.
According to them, regardless of the name, the APK contains the same malicious software. Once installed, it can gain extensive control over the phone, putting banking details and personal data at risk.
Malware, or malicious software, is designed to steal data or damage systems. Common forms include spyware, Trojan viruses, ransomware and adware.
After installation, they said, these apps often request permissions such as access to SMS messages, notifications, contacts and storage. In reported cases, this access has been used to read bank OTPs, monitor transaction alerts, take over WhatsApp accounts to spread the scam further, and steal contact lists.
Officials said the scam is particularly effective in India due to high reliance on WhatsApp for communication, widespread use of Android smartphones, festive distractions, and the use of local languages and cultural references to make messages appear authentic.
Warning signs include greetings that require app installation to view, unfamiliar links, and apps requesting access to SMS or notifications for no clear reason.
Authorities have advised users who may have installed such APKs to uninstall the app immediately, disconnect the phone from the internet, change passwords using another device, inform their bank, alert contacts, and report the incident through cybercrime.gov.in, the cybercrime helpline, or a local police station.