Why in news
A traveler, Bhargavi Mani, lost nearly ₹1 lakh while attempting to book lounge access at Bengaluru airport due to a cyber scam.
The scam involved downloading a malicious APK file shared via a WhatsApp chat from an international number
How Do Cybercriminals Use Big Tech Platforms?
The scammers used a fake website (loungepass.in) that appeared in Google search results, misleading victims into believing it was legitimate.
Victims were lured using social engineering tactics, convincing them to download the malicious app.
The scam exploited gaps in the verification processes of search engines and utilized WhatsApp for communication.
How Did the Malicious APK Work?
The APK allowed scammers to gain screen mirroring access to Mani's device during a fake customer service video call.
Once installed, the APK could enable call forwarding, allowing scammers to intercept OTPs and complete unauthorized transactions.
Who Was Behind the Scam?
The fake site was registered in Gujarat, India, but details of the registrants were redacted, complicating investigations.
The website was taken down following the incident, but investigators can still seek the underlying registration details.
How Bad Is the Cybercrime Situation in India?
In 2023, reported online scams led to losses of ₹66.66 crore across 4,850 cases.
Digital financial fraud in the last three years totaled approximately ₹1.25 lakh crore.
India ranked fifth globally for account breaches in 2023, with over 5.3 million accounts compromised.
COMMENTS