skip to content

Fake wedding invitations shared over WhatsApp, emails are Indian scammers’ favourite new tool

Scammers in India have found a clever new way to deceive victims—fake wedding invitations. These seemingly innocent-looking PDF files, often shared through WhatsApp or email, are laced with malware designed to infiltrate devices. In Rajasthan’s Bikaner, one victim fell prey to this ploy, losing Rs 4.5 lakh from his bank account just days after opening a fraudulent wedding card file from an unknown sender.

Authorities in states such as Himachal Pradesh, Rajasthan, Uttar Pradesh, and Gujarat have issued urgent warnings against opening unsolicited wedding card files. The Ahmedabad Cyber Crime Department has highlighted that many of these files come in APK (Android Package Kit) format, which auto-installs malicious software on Android devices when clicked.

How scammers exploit APK Files using fake wedding invitations

An APK file is typically used to distribute apps on Android devices, but scammers leverage its vulnerabilities to avoid scrutiny from platforms like Google Play Store. These malicious APK files can take complete control of a victim’s phone, granting attackers access to sensitive apps like net banking, WhatsApp, and SMS. They can even intercept OTPs, enabling them to drain bank accounts.

Maharashtra’s special inspector general of police explained that such scams are not entirely new. Over the years, scammers have used various seasonal baits, including lottery tickets, utility bills, and e-commerce gift cards. The wedding card tactic, however, plays on personalisation and emotional appeal, making it highly effective at catching people off guard.

India is witnessing a surge in cyberattacks as criminals adopt increasingly sophisticated methods. According to the Indian Cybercrime Coordination Centre (I4C), over Rs 1,750 crore was lost to online scams in the first four months of 2024 alone. Among these, fake wedding card scams are notable for their deceptive simplicity and high success rate.

Scammers now personalise their attacks, using victims’ names, family details, and other personal information to build trust. These tailored approaches lower suspicion, especially with emotionally resonant hooks like wedding invitations. This shift reflects the decline of traditional OTP-based frauds, thanks to increased awareness among citizens.

How to stay safe from wedding invitation scams

Cybersecurity experts stress the importance of vigilance and proactive measures. Installing malware protection apps and avoiding unsolicited files or links can help reduce the risk. Officials also recommend staying cautious of files that come from unknown sources, especially those in APK format.

Once malware is installed, the consequences can be severe. Scammers not only gain access to personal data but can also impersonate victims, spreading the scam further to their contacts. As these attacks grow in sophistication, awareness and preventive action remain crucial to safeguarding personal and financial data.

Share your love
Facebook
Twitter
LinkedIn
WhatsApp

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

error: Unauthorized Content Copy Is Not Allowed