ACCUSED PERSONS USED TO IMPERSONATE BANK REPRESENTATIVES AND TARGET VICTIMS THROUGH PHONE CALLS. DURING CALLS, THEY SENT MALICIOUS .APK FILES TO VICTIMS TO GAIN UNAUTHORIZED ACCESS TO BANK ACCOUNTS, COMPLAINANT WAS CHEATED OF ₹10.64 LAKHS AFTER INSTALLING THE MALICIOUS FILE SHARED DURING THE CALL, CHEATED MONEY WAS TRANSFERRED TO BILLDESK, THEN TO CREDIT CARDS, WITHDRAWN VIA ATMS & USED FOR GIFT CARDS SIX SMARTPHONES INCLUDING CALLING DEVICE & DEVICE USED TO RUN BILLDESK APPLICATION, RECOVERED, RECOVERED DEVICES CONTAIN MALICIOUS .APK FILES, DETAILS OF CREDIT CARD HOLDERS, BANKING CREDENTIALS & OTHER INCRIMINATING EVIDENCES
Face2News/New Delhi
A team of PS Cyber, South-West District has arrested two cyber criminals namely Shankar Dan R/o Dhanbad, Jharkhand, Age- 27 Years & Pradeep Kumar Dan R/o Dhanbad, Jharkhand, Age- 26 Years. With their arrest, six smart Phones including the calling device and device which has been used for running the billdesk application during fraud have been recovered.
A case of cyber financial fraud was registered based on a complaint wherein the complainant alleged that on 30.06.2025, he received a phone call from an unknown number. The caller falsely introduced himself as an SBI Bank official and informed the complainant about bounced cheques. Under the pretext of verifying cheque images, the fraudster sent a malicious link to the complainant’s WhatsApp.
Upon clicking the link and installing the attached .APK file, the complainant did not find any cheque images as claimed. Realizing something was suspicious, he immediately disconnected the call, deleted the link, and switched off his phone. However, after restarting the device, the complainant began receiving multiple SMS alerts regarding password changes and unauthorized financial transactions. It was later found that two of his fixed deposits—worth ₹5,62,000/- and ₹4,54,000/- had been prematurely closed.
Additionally, an amount of ₹48,600/- was debited through Google Ads. Investigation revealed that the OTPs generated during these transactions were diverted to an unknown number. In total, the complainant suffered a financial loss of ₹10.64 lakhs from his Bandhan Bank account due to this fraudulent activity. After preliminary enquiry, a case vide FIR No. 007/2025, U/s 318(4)/319(2)/340 BNS was registered at PS Cyber South West & investigation was taken up.
INVESTIGATION: The investigation primarily focused on tracing the money trail and identifying the alleged calling number used in the offence. It was revealed that the defrauded amount of ₹10.64 lakhs was initially transferred from the complainant’s Bandhan Bank account to the BillDesk platform (an online payment gateway) through unauthorized access via a malicious link/.APK file. The funds were subsequently utilized for payments towards an Axis Bank credit card and Google ADS services. On the basis of technical analysis and data obtained from BillDesk, it was found that a particular mobile number and device were active in the area of Dhanbad, Jharkhand. Further analysis confirmed that the alleged calling number was also operational in the same area.
Accordingly, a team comprising SI Amit Kumar, HC Sanjay, HC Manoj, HC Sachin, and Ct. Ravi was constituted under the supervision of Insp. Pravesh Kaushik, SHO/PS Cyber/South West, and under the overall supervision of Sh. Vijay Kumar, ACP/OPS South West. Raids were conducted in various districts of Dhanbad. The team pursued the accused for several days, and with the help of local and technical intelligence, the team successfully apprehended Shankar Dan R/o Dhanbad, Jharkhand.
Four mobile phones, including the calling device, were recovered from his possession. Subsequently, based on his disclosure and technical inputs, Pradeep Kumar Dan R/o Dhanbad, Jharkhand, was arrested from Tarapith, District Birbhum, West Bengal, after raids were conducted in Bokaro, Ranchi, and Dhanbad. Two mobile phones were recovered from his possession, including the device used to operate the BillDesk application during the fraud on 30.06.2025.
INTERROGATION:
During sustained interrogation, Shankar Dan confessed that he used Amazon Pay to identify potential victims. He randomly entered mobile numbers into the Amazon Pay app, which revealed the bank associated with each number. Based on this information, he contacted the victims, impersonating a bank representative or manager. He would inform the victims about fabricated issues such as KYC updates, credit/debit card problems, or cheque bounces.
In this particular case, he informed the complainant about a bounced cheque and subsequently sent a malicious .APK file/link via WhatsApp, claiming it contained images of the bounced cheque. Once the victim installed the application, unauthorized access to the bank account was obtained. He then transferred the cheated amount from the complainant’s account to the BillDesk application. The money was further routed to Axis Bank credit cards (specifically procured for fraudulent purposes) and used for settling bills on Google ADS services. The funds were later withdrawn from these credit cards using third-party apps such as CRED and MobiKwik, and also utilized for purchasing gift cards.
Mr. Amit Goel, IPS, DCP, South West Distt, said, during interrogation, accused Pradeep Kumar Dan also admitted to active involvement in the crime. He was responsible for operating the BillDesk application during the fraud. He worked closely with Shankar Dan. After victims were deceived over calls and access to their bank accounts was obtained, Pradeep transferred the money from the bank accounts to the BillDesk platform and subsequently to Axis Bank credit cards. He received a 20% commission for his role in the fraud.
He further disclosed that the SIM cards used in the fraud were procured from Jamtara, and the .APK file was arranged through WhatsApp. The credit cards were provided by co-accused individuals for the purpose of receiving the cheated funds. The accused claimed he received a hefty commission of 50% for his role in the fraud. He earned approximately ₹5 lakhs, and the remaining amount was distributed among other members of the syndicate.
Shankar Dan primarily handled calling the victims. He, along with his associate Pradeep and others, was actively involved in the criminal operation. They operated from forested areas near their village to evade detection.
Mr. Amit Goel, IPS, DCP, South West Distt, said, during interrogation, accused Pradeep Kumar Dan also admitted to active involvement in the crime. He was responsible for operating the BillDesk application during the fraud. He worked closely with Shankar Dan. After victims were deceived over calls and access to their bank accounts was obtained, Pradeep transferred the money from the bank accounts to the BillDesk platform and subsequently to Axis Bank credit cards. He received a 20% commission for his role in the fraud.
KNOW THE ACCUSED:
Shankar Dan R/o Dhanbad, Jharkhand, Age- 27 Years had studied till class 3rd. He has one mobile shop in the village. He is previously involved in two cyber fraud cases & one murder case. He used to call the victims and represent himself as a bank representative. He is the one who sends the .APK files on the WhatsApp of the victims during the conversation with the victims and siphon of the money of victim by gaining access of their bank accounts. He used to live a lavish life and purchase vehicle and other goods through ill gotten money.
Pradeep Kumar Dan R/o Dhanbad, Jharkhand, Age- 26 Years has studied till class 8th. He is an associate of Shankar Kumar Dan. His main role is to run the Billdesk application and transferred the money from the bank accounts to Billdesk application and later to Axis Bank Credit Card. He is previously involved in a murder case.
This case highlights the growing complexity of cybercrimes, with fraudsters using multiple jurisdictions and sophisticated methods to carry out their schemes. The prompt action of the Cyber South-West team has successfully dismantled a key part of this fraud network involved in this case, though further investigations continue.