Retired Army Officer Falls Victim to Cyber Fraud in Courier Booking Scam

Post Views: 6

Colonel Rajbir Singh Duggal Loses ₹12 Lakh in Cyber Scam

A retired Indian Army officer, Colonel Rajbir Singh Duggal, 82, lost ₹12 lakh (approximately $15,000 USD) in a sophisticated cyber scam. The incident occurred when the victim attempted to book a courier service online, which ultimately led to the installation of a malicious Android application (APK) on his mobile device.

The Scam Unfolds

Colonel Duggal was trying to send a parcel from his residence in Chandigarh to Pune. While searching for the contact number of a courier service, he came across a phone number that appeared to belong to Blue Dart. Upon calling the number, he was connected to an individual who claimed to be an online executive of the courier company.

The caller informed Colonel Duggal that a nominal online payment of ₹10 was required to confirm the courier pickup request. The victim initially attempted to make the payment through his State Bank of India (SBI) account, but the transaction failed. He then completed the payment using his HDFC credit card.

The Malware Takes Control

Shortly after the payment, the same individual contacted Colonel Duggal again, claiming that the courier pickup process required additional steps. Unbeknownst to the victim, this was a ruse to trick him into installing the malicious APK file. Once installed, the malware gained control over Colonel Duggal’s mobile device, allowing the attackers to capture sensitive information, including one-time passwords (OTPs) and login credentials.

The Aftermath

The attackers used the stolen credentials and intercepted OTPs to initiate multiple transactions, siphoning off ₹12 lakh from Colonel Duggal’s bank account. The incident highlights the growing sophistication of cyber criminals, who are increasingly combining technical tools with social engineering tactics to manipulate victims.

Cyber experts warn that APK files shared through messaging platforms, often under the pretext of courier services or banking updates, can be extremely dangerous. These malicious applications can effectively give attackers control over a device and access to sensitive financial information.

Prevention is Key

To avoid falling victim to such scams, experts advise exercising caution while searching for customer service numbers online. Instead of relying on numbers found through search results, users should verify contact details directly through the official website or mobile app of the service provider. Additionally, APK files from unknown or unofficial sources should never be installed.

In this case, the attackers exploited Android’s accessibility permissions to gain control over Colonel Duggal’s device. Once these permissions were granted, the malware could remotely view the phone screen, record user actions, and intercept sensitive data entered into banking applications.

A Reminder of Vigilance

The incident serves as a reminder of the importance of vigilance in preventing cyber fraud. Avoiding suspicious links, verifying service contacts, and refusing to install unknown applications can significantly reduce the chances of falling victim to such scams.