Consumer Protection
Gang Posing as IGL Officials Busted, Three Arrested; Fake App Used to Drain Bank Accounts
Delhi Police’s Crime Branch has dismantled a cyber fraud gang that impersonated Indraprastha Gas Limited (IGL) officials to defraud unsuspecting consumers. Three men—Bikky Mandal alias Vicky (Asansol, West Bengal), Sumit Kumar Singh (Jamtara, Jharkhand), and Rajiv Kumar Mandal—have been arrested for siphoning money from victims’ bank accounts via malicious APK files disguised as official applications.
Modus Operandi of the Fraud
Investigators revealed that the gang contacted victims by phone, claiming to be IGL representatives and warning of pending bills, account updates, or possible disconnection. Victims were then instructed to download an APK file presented as IGL’s official app. Once installed, the fraudulent app requested extensive permissions, enabling the accused to access messages, read OTPs, mirror screens, and perform unauthorized banking transactions.
Fake Apps Mimicking Trusted Brands
Digital forensics on nine phones recovered from the suspects found seven devices containing multiple fraudulent apps. These apps imitated the look and feel of legitimate services, including IGL, State Bank of India, Tata Power, and RTO challan portals. Investigators noted that the apps were designed solely to gain user trust and covertly steal sensitive financial data, making detection difficult for ordinary users.
Links to Multiple Cybercrime Complaints
The gang has been linked to 35 separate cybercrime complaints filed on the National Cyber Crime Reporting Portal (NCRP). Police records show that the accused had prior involvement in cyber fraud and cheating cases in their respective regions. Rajiv Kumar Mandal reportedly coordinated operations and managed fraudulent transactions.
Understanding APK Files
An APK (Android Package Kit) is the file format used to install apps on Android devices, similar to .exe files on computers. Fraudsters often tamper with APKs to distribute malicious software, posing as updates, bill payments, or government-related applications. Once installed, these apps can give attackers full control over the device.
IGL Advisory to Consumers
IGL has issued a warning to customers to avoid responding to suspicious calls regarding bill payments or service disconnection. The company advises verifying any such communication through official channels and only using authorised payment platforms. Consumers are also urged not to download apps received through calls or messages.
Tips to Stay Safe
- Install apps only from Google Play Store
- Avoid clicking on unknown links or APK files
- Keep the ‘Unknown Sources’ setting disabled
- Limit app permissions to only necessary functions
- Report suspected fraud immediately by calling 1930
Police have urged the public to stay vigilant and ignore unsolicited calls or messages requesting personal or financial information. Investigations into the cybercrime network are ongoing.