Hyderabad: Hyderabad City Police warned the public of APK file cyber frauds, where fake apps disguised as bank or government tools steal OTPs and personal data. Fraudsters spread these apps through social media, SMS, WhatsApp, and fake websites.
They trick users with promises of cashback, job offers, or KYC updates. Victims are pushed to download APK files like RTO Challan.APK or PMKisanYojana.apk. These apps do not come from official platforms like Google Play.
After installation, these apps ask for permissions such as SMS access and screen sharing. This allows the criminals to read messages and capture sensitive details, including banking credentials.
APK file cyber frauds use fake links, remote tools, and app disguise
Many of these apps also contain Remote Access Tools (RATs). These let scammers control the device and make unauthorized transactions. They often copy the look of real bank or government apps. Known file names include ElectricityCurrentBill.APK, HMWSSB.apk, and rewardpoints.apk.
𝐁𝐞𝐰𝐚𝐫𝐞 𝐨𝐟 𝐟𝐚𝐤𝐞 𝐀𝐏𝐊 𝐟𝐢𝐥𝐞𝐬
The cyber fraudsters are circulating malicious APK files through social media, messaging platforms, WhatsApp, SMS, Telegram, and fake websites, falsely claiming to offer government benefits, bank services, KYC updates, cashback… pic.twitter.com/g5Ca4HVajf
— Hyderabad City Police (@hydcitypolice) November 25, 2025
Police advised people to never install APKs shared via messages or unknown websites. It is important to avoid clicking on suspicious links and verify all claims with official sources.
Citizens should keep their phones updated and install trusted antivirus apps. Moreover, no one should ever share OTPs or passwords with apps or callers.
To report cyber fraud, contact the National Cybercrime Helpline at 1930 or visit cybercrime.gov.in.