Top News

Cyber fraud cases in India are rising at an alarming pace, and scammers are now using smartphones themselves as tools to trap unsuspecting people. In a major development, India’s Ministry of Home Affairs (MHA) and the Indian Cyber Crime Coordination Centre (I4C) have issued a nationwide alert against a deceptive Android application that was secretly sending fraudulent SMS messages from users’ phones.

The app, marketed as an online earning and investment platform, was operating as part of a larger cybercrime network. Authorities found that thousands of users had unknowingly become participants in a scam ecosystem, with their devices being used to spread fraudulent messages across the country.

According to official findings, the app lured users with promises of easy money through simple tasks and online investments. Once installed, it requested permissions such as SMS access, network connectivity, and background activity rights—permissions many users granted without fully understanding the risks.

After gaining access, the app quietly began sending bulk SMS messages from users’ phones without their knowledge. These messages were used to:

• Promote fraudulent schemes

• Redirect victims to scam links

• Expand the reach of cybercrime networks

I4C officials stated that the app was connected to unknown external servers, allowing cybercriminals to control messaging activity remotely. As a result, innocent users’ phone numbers were misused, putting their privacy, reputation, and financial safety at risk.

Several complaints revealed that users noticed unusual SMS activity only after telecom alerts or warnings from contacts who received suspicious messages.

Recognizing the scale and seriousness of the threat, the Ministry of Home Affairs initiated immediate countermeasures. Authorities successfully blocked the app’s command-and-control servers operating within India, effectively disabling its ability to send fraudulent messages.

In addition to this:

• Four Telegram channels with over 1.5 lakh subscribers promoting the app were blocked

• More than 50 YouTube videos advertising the fake earning platform were taken down

• Over 15 million fraudulent SMS messages per day were stopped as part of the crackdown

Officials described this action as a major success in disrupting an organized cyber fraud network that relied on mobile devices to scale operations.

What made this case particularly concerning was that victims were unknowingly turned into carriers of cybercrime. Unlike traditional scams where users directly lose money, this model weaponized personal smartphones, exposing users to legal, financial, and privacy risks.

Cybersecurity experts warn that such scams are becoming more sophisticated, often hiding behind legitimate-looking interfaces and aggressive online promotions. The promise of “easy income” remains one of the most effective traps used by cybercriminals.

The government and cyber experts have issued clear guidelines to help users stay safe:

• Avoid downloading apps that promise guaranteed or effortless earnings

• Install apps only from trusted platforms like the Google Play Store

• Carefully review app permissions, especially access to SMS and contacts

• Immediately uninstall suspicious apps and scan devices for malware

• Report unusual SMS activity or cyber fraud incidents on the official I4C cybercrime portal

Users who may have installed such apps are advised to check phone settings, revoke unnecessary permissions, and update security software.

Authorities emphasize that awareness is the strongest defense against digital fraud. As cybercriminals evolve their methods, users must remain alert and skeptical of offers that sound too good to be true.

This incident highlights how cyber fraud is no longer limited to fake calls or emails—mobile apps themselves are now being misused on a massive scale. Staying informed and cautious can prevent personal devices from becoming tools in criminal operations.