More than 100 Mumbaikars aged 26 to 83 collectively lost over Rs 2.7 crore in a month. They included domestic help, teachers, drivers, lawyers, scribes, businessmen, govt employees, and the elderly.A 71-year-old doctor from Worli lost Rs 1.9 lakh on April 22 after he tried to book a gas cylinder online. He dialled a number he got on the internet and was told by the scammer that he had to download an app to register his booking. His banking data was stolen from his mobile phone and the money was siphoned off.A 33-year-old woman from Bandra lost Rs 2.6 lakh when she tried to book a new piped gas connection upon relocating to Bandra from Marol. The woman was asked to download the app after she called a number on which she received an alert about a pending gas bill payment on April 17.A 64-year-old Andheri-based salon owner lost Rs 3.8 lakh when he had gone to Howrah for a family function in March following a bill alert. A 72-year-old doctor from Andheri similarly lost Rs 9.5 lakh in April. Earlier in March, a 57-year-old Prabhadevi businessman lost Rs 9.8 lakh via 18 fraudulent transactions over a span of four days.State cyber DIG Sanjay Shintre said scammers used multiple ways to dupe people, either pretending to help in booking a new connection or on the pretext of updating bills.Explaining the modus operandi, Shintre said: “You receive an SMS or WhatsApp message claiming your gas bill is unpaid or hasn’t been updated. The message threatens imminent disconnection —often ‘tonight at 9:30 pm’— to create panic. A fraudster calls, posing as an official from a company like MGL or Indian Oil. They may use professional-sounding language or even mention current events like gas shortage to make the situation seem more credible. The scammer instructs you to download an ‘update’ or ‘verification’ file sent via WhatsApp. This is an APK file (for instance, MGL_GAS_Bill_update.apk) that contains malware. Once installed, the malware allows the attacker to remotely control your device and see your screen and intercept OTPs (one-time passwords) sent by your bank. They capture banking credentials while you try to make a nominal ‘verification payment’ of just Rs 10 or Rs 12. Within minutes of gaining access, the fraudsters perform multiple unauthorised transactions, often siphoning off lakhs.”Demand for piped gas connections has surged sharply. In Feb, around 16,000 new connections were added, while in March the figure crossed 33,000—more than double the previous month’s total. Sources said the spike in demand followed govt directives urging LPG consumers to shift to PNG wherever the facility was available.MGL officials said daily inquiries for domestic PNG connections rose two to three times compared to normal levels. MGL clarified it did not send disconnection threats through suspicious messages, ask customers to download APK files, or direct them to unknown numbers for bill-related updates.Cyber expert Ritesh Bhatia said, “Recovery in most cybercrime cases is almost nil because money is siphoned off instantly through mule accounts and layered transfers. Also, due to delayed reporting, weak inter-state coordination, and lack of real-time intervention by banks.” Cyber lawyer Prashant Mali said police must book fraudsters under BNS Section 111. Fast freezing, device forensics and mule account mapping are critical, he said. Ex-IPS officer-turned-lawyer YP Singh said APK fraud was on the rise due to the failure of banks and agencies to enforce technical vigilance and prevention.
