A fake message impersonating the State Bank of India (SBI) being circulated on the internet, apparently by scammers, and urging its customers to download an APK file to earn reward points has prompted the Press Information Bureau’s (PIB) fact-check unit to issue a warning in the public interest. PIB has warned the public on X to ignore such links from dubious sources. Criminals often target victims via APK files sent through emails or SMSes in the guise of providing incentives like reward points. To tackle this menace, Punjab and Sind Bank has already started displaying a pop-up alert on its website to warn customers about the threat.

Its pop-up reads, “Fraudsters are sending fake messages saying the account is blocked due to KYC update or any other reason and are creating panic. They are asking customers to download APK files loaded with malware to steal account and personal information.”

Senior citizens considered more vulnerable to such traps should be particularly careful. So, let us delve deeper to understand what APK fraud is and how to avoid it.

What Is APK?

Android Package Kit, popularly called APK, is a file format the Android operating system uses for installing applications. An APK file in itself is not harmful. Files downloaded from the Google Play store are also in the APK format. However, the file’s safety depends on its source.

“The safety of APK files can vary based on where you source them. While APKs are not inherently harmful, the risk lies in where and how you download them”, according to the Airtel website. People often download these files to install applications not available on the Google Play store. This prompts people to download them from untrusted sources, which can be risky.

What Are The Risks Involved?

There is a risk of downloading malware, which can steal data and harm the device. A corrupt file can slow down the device. Moreover, such apps can lead to data privacy issues.

Also Read: Centre Assures EPS Pensioners To Look Into Their Higher Pension Demand

How Does APK Fraud Occur?

The APK links are sent through SMS or social media platforms, including WhatsApp. These messages appear from a genuine source, such as banks or government authorities and typically call for urgent action.

Experts suggest ignoring links from unknown sources. However, customers can check for updates directly from the banks’ official websites for any urgent deadline, offer, notification, etc., than relying on APK files from suspicious sources.

How To Safeguard Against APK Frauds?

Atish Shelar, COO of TechFini, a payment infrastructure solution provider, says, “APK files from untrusted sources may contain malicious code that can infect your device, steal data, or cause other damage. This can include spyware that monitors your activity or ransomware that locks your files. Malicious APKs can exploit vulnerabilities in your device’s operating system, potentially giving hackers control over your device.” He adds that hackers can gain access to personal information, such as login credentials, financial information, and private messages, if their malicious APK is installed on the device.

Shelar stresses, “Before installing any app, review the permissions it requests. Be wary if an app asks for more permissions than necessary for its functionality.”

Further, PIB’s warning states, “SBI never sends links or unsolicited APKs through SMS or WhatsApp and advised the customers not to click on such links or download unknown files.”

The Punjab and Sind Bank website cautions customers, saying they should never download files from strangers or click on unknown links. It suggests blocking any suspicious contacts and reporting them, and they should never share personal information with anyone online.

Also Read: PNB, BOI, Federal Among 5 Banks Revise FD Rates: Know Which One Offers The Highest Rate To Seniors

Other measures to safeguard yourself against APK frauds could be:

• Keep your device secure with updated anti-virus software. Anti-virus software can detect fraudulent apps and prevent them from accessing and damaging the data and the device.
• Make it a habit to update the operating system and software regularly. This will keep your operating system’s protection mechanism up to date.
• Check the source’s genuineness before clicking on any link; avoid clicking it if it is not from an authentic source.
• If you receive a suspicious message on WhatsApp or SMS, block it and report it to the device software. You can also report it to the government’s Sancharsaathi portal (Chaksu portal) or to the cybercrime cell.

APK files are not itself a threat. The problem can arise when they are downloaded from an unknown source. So, given the danger of such links, stay alert and avoid clicking on them.