The Ground Railway Police in Mumbai have cautioned citizens about a surge in fake New Year greeting links circulating on WhatsApp ahead of the celebrations, warning that clicking on these malicious links could lead to the theft of personal and financial information. Police said people may get messages promising personalised New Year greeting cards or digital gifts, prompting them to click on a link to view the content. Officials warned that such links often lead to the download of harmful APK files, which can install spyware or malware on mobile phones. Sharing more insights about how these APK files can lead to a huge scam, Cyber Security expert Atharva Ajit Raje told Lokmat Times during the New Year, people often receive friendly-looking WhatsApp messages asking them to open links or files for special greeting cards, gifts, photos, or videos. Clicking these links can download malicious APK files that give scammers access to personal data, messages, and even allow them to misuse the victim’s phone number to contact others.
Atharva Ajit Raje said, “During the New Year, people often receive WhatsApp messages wishing them and asking to open a link or a file to see a special greeting card, a gift, a photo, or a video. The message usually looks friendly and appears safe. Once you click on the download, the file will start to download. This is the malicious APK file and not the greeting or a gift card. Once this APK file gets installed on your phone, it instantly gives scammers access to your phone. They can read your messages and steal personal information, and can even send messages to your contact list from your Phone Number. These files are like traps that appear to be legitimate and steal money and confidential data from your phone.”
What is an APK File?Atharva Ajit Raje said, “APK stands for Android Package Kit. It is the file that is used to install applications in Android Phones. It contains all the files that are required for an app to function properly. When we download and install any app from the Play Store or a trusted website, our phone uses APK to set up the App. In simple language, it's similar to a ready-to-eat food packet, just like it contains all the ingredients and instructions to get food ready. Similarly, APK contains all the requirements to function as the App.”
What happens after such APK files are downloaded?Atharva Ajit Raje said, “Once such malicious APK files are downloaded, Malware is installed in the background, and it can steal all your personal information, read messages, access your contact list, and send malicious messages from your number to your contact list without permission. They can even steal your OTP and turn on call forwarding.”
What is Malware?Malware, short for malicious software, is harmful software that secretly enters devices through unsafe links or downloads to steal personal data or spy on users without their knowledge. Explaining in detail, Atharva Ajit Raje told Lokmat Times, “Malware is short for Malicious Software. It is harmful software that is made to steal personal information or to spy on users. It enters the device through unsafe links, apps, unknown downloads, etc, and works in the background without the user's knowledge.”
Nowadays, a new RTO scam is circulating, with people receiving messages claiming to be from the RTO and stating that an unpaid challan is pending. The RTO never sends such messages on WhatsApp, so users should always check the link extension carefully.These scams are also occurring through regular SMS. Please note that the Government has published legends to identify such messages:
- P for Promotional messages
- T for Transactional messages
- G for Government messages
- S for Service messages
Warning Signs and Precautionary Measures:Explaining what precautions one should take if they get scammed by APK files, Atharva Ajit Raje told Lokmat Times, if you receive such messages look for following signs:
1. For links i. Check for the http extension: If the link contains http:// never click on that link.ii. If the link contains https:// always copy the link and scan the link with https://virustotal.com. You can also scan files on this tool. iii. Check for typo errors in the linkiv. https:// is the secured protocol
2. For Files or documents:i. Check for the extensions: For photos, general extensions are: png, jpg, jpegFor videos, general extensions are: mp4If you find a file with photos.apk, like - newyeargreeting.apk - it is a malicious file and do not open it.
3. Turn on 2-factor authentication for every app for WhatsApp- go to Settings-> Account.
4. By any chance, you clicked the link or downloaded the malicious software, and your account got hacked, please follow measures below:i. Uninstall that APK, clear the data of that APK, and Factory Reset the phone.ii. Complain to our National Cybercrime https://cybercrime.gov.in or on helpline number 1930iii. If your WhatsApp account got hacked, follow the links below to raise disputes:
a. https://www.whatsapp.com/contact/forms/1534459096974129?lang=en
b. Mail with evidencesmb_web@support.whatsapp.comgrievance_officer_wa@support.whatsapp.com
c. If no response, then Appeal to GAChttps://gac.gov.in
5. Uninstall and reinstall WhatsApp from the Play Store.6. Enter your code and verify via SMS.7. If the hacker has enabled 2FA, then wait for 7 days to regain access. Deactivate call forwarding on VI or Airtel from dialpad using: ##21# and for jio: **413
For any sort of Financial Loss:1. Lodge a Complaint on the cybercrime portal: https:://cybercrime.gov.in or 19302. Complaint in the Golden Period that is within 1 Hour of financial loss.3. Call the bank and let them know about the crime, and ask them to stop the transaction, takea a FIR copy with you.4. Ask the bank to freeze the account.