Dalimss News
General

Beware of the ‘Hidden Trap’: ACP Vidush Saxena Warns Against Unknown APK Files

By Priyanka Kapoor5 min read
media

In an exclusive briefing to Dalimss News, Vidush Saxena, Assistant Commissioner of Police (ACP) Cyber Crime, Varanasi, issued a high-alert advisory to the public regarding the surging threat of malicious APK files. Terming them a "major gateway" for cyber fraud, the ACP emphasized that digital safety now hinges on a single moment of caution.

The APK Threat: A Digital Trojan Horse Cybercriminals are increasingly abandoning traditional methods in favor of sophisticated malicious applications. According to ACP Saxena, these "Trojan-style" apps are often disguised as attractive offers, system updates, or essential services.

“One wrong click can cost you your hard-earned money,” ACP Saxena cautioned. “Cyber criminals gain access to your mobile phone’s SMS, gallery, and banking credentials within minutes of an APK installation.”

Recent investigations by the Varanasi Cyber Cell revealed that these files often contain SMS forwarders, which allow hackers to intercept One-Time Passwords (OTPs) without the user ever seeing the message. This bypasses the security of almost all Indian banking apps.

The ‘Pause & Mindful’ (P+M) Rule To help citizens navigate the digital landscape, the ACP introduced the P+M strategy:

Stop: Immediately halt any action when prompted to download a file from a link.

Think: Evaluate why a legitimate service would send an APK file via WhatsApp or SMS instead of using the Play Store.

Verify: Check the authenticity of the sender before proceeding.

Prevention: Your Strongest Defence The Cyber Crime Police Station recently made a string of high-profile arrests, including a Jharkhand-based gang that siphoned over ₹42 lakh from local residents using similar APK tactics. While the police continue to crack down on these syndicates, officials maintain that prevention is the most effective solution.

The Varanasi Police Advisory:

Official Stores Only: Never download apps from third-party websites or links. Use the Google Play Store or Apple App Store.

Zero Sharing: Never share OTPs, PINs, or banking passwords, even if the caller claims to be a bank official or police officer.

Report Fast: If you suspect a fraud, immediately dial the national cyber helpline at 1930 or visit www.cybercrime.gov.in.