News

Bengaluru Businessman Loses ₹5 Lakh After Downloading Fake WhatsApp Wedding Invite APK File

A Bengaluru businessman lost ₹5 lakh after installing a fake WhatsApp wedding invitation APK file that enabled cybercriminals to access his phone.

Shreyanka Nandan

May 12, 2026

A Bengaluru 42-year-old furniture shop owner has reportedly lost over ₹5 lakh after downloading a malicious “wedding invitation” received on WhatsApp, which turned out to be a cyber scam involving an APK file. The file allegedly installed malware on his Android phone, enabling fraudsters to gain access to sensitive data and carry out unauthorised UPI transactions within minutes. Similar fake wedding invite messages are being widely circulated in Bengaluru, prompting police and cyber experts to issue fresh warnings against downloading unknown files.

WhatsApp Wedding Invite Turns Costly Cyber Trap

A Bengaluru-based businessman was allegedly defrauded of over ₹5 lakh after he downloaded a fake wedding invitation sent via WhatsApp, according to multiple reports. The message, designed to look like a personalised invitation with emojis and polite wording, included an attached APK file that promised full details of the ceremony. Trusting the message, the 42-year-old businessman downloaded the file on his Android phone.

Soon after installation, the device is believed to have been compromised. Within minutes, multiple unauthorised UPI transactions were carried out, leading to a loss of approximately ₹5,00,440 from his bank account. The incident reportedly took place in April 2026, with transactions executed in a very short span of time, indicating automated access to banking apps and sensitive data on the device.

Police have registered a case of cheating and identity theft under relevant sections of the Information Technology Act and the Bharatiya Nyaya Sanhita (BNS). While officials have not issued a detailed public statement on this specific case, cybercrime units are actively investigating the source of the malicious file and the network behind its circulation.

A Growing Digital Threat

Investigators suspect the scam involved a malicious APK (Android Package Kit) file disguised as a wedding invitation. APK files are used to install applications on Android devices outside official app stores, but they can also be misused to embed spyware or remote access tools.

Once installed, such malware can silently gain permissions to access SMS messages, contacts, banking apps, and even OTPs, allowing attackers to bypass security systems and complete transactions without the user’s awareness. Experts have repeatedly warned that these fake invitation scams are designed to exploit curiosity and trust, especially when the message appears to come from familiar or festive contexts.

Cybersecurity specialists also emphasise that these attacks are not isolated incidents but part of a broader pattern of APK-based frauds being circulated via WhatsApp and Telegram groups across India.

Similar Messages Circulating Across Bengaluru

Local reports suggest that the same or similar “wedding invitation” messages have been received by multiple residents in Bengaluru, indicating a wider cyber fraud campaign. Authorities believe that the attackers are mass-distributing the malicious file, hoping even a small percentage of recipients will install it.

This incident follows a series of similar scams in Karnataka and other states, where cybercriminals have used disguised APK files labelled as courier updates, traffic challans, job offers, and event invitations to trick users into installing malware. In several such cases, victims have lost amounts ranging from a few thousand to several lakhs within minutes of compromise.

Cybercrime officials have previously advised citizens that genuine wedding invitations or official notices are never shared as APK files and that users should only install apps from verified platforms like the Google Play Store. They have also urged victims of suspicious transactions to immediately report incidents to the national cybercrime helpline (1930) for faster response and potential fund recovery.

The Logical Indian’s Perspective

This incident is yet another reminder of how digital convenience can quickly turn into vulnerability when awareness is lacking. Cybercriminals are increasingly relying on emotional triggers such as wedding invitations, festive greetings or urgent alerts to bypass suspicion and manipulate users into taking unsafe actions.

At The Logical Indian, we believe that the solution lies not only in stronger cyber policing but also in widespread digital literacy. Citizens must be encouraged to pause, verify and question before downloading any file or clicking unknown links, no matter how harmless they appear.

As India becomes more digitally connected, building a culture of caution, empathy and shared responsibility is essential to prevent such incidents. How can communities, tech platforms and authorities work together to strengthen everyday digital awareness and protect vulnerable users from evolving online scams?

Also Read: Eli Lilly Tried To Start An Obesity Conversation, Regulators Heard A Sales Pitch

A 42-year-old furniture shop owner in Bengaluru lost nearly Rs 5 lakh after cyber fraudsters allegedly gained remote access to his mobile phone through a malicious wedding invitation file sent on WhatsApp. According to the complaint, the victim received a file titled “Wedding APK… pic.twitter.com/orsu5FSJap
— IndiaToday (@IndiaToday) May 11, 2026

#PoweredByYou We bring you news and stories that are worth your attention! Stories that are relevant, reliable, contextual and unbiased. If you read us, watch us, and like what we do, then show us some love! Good journalism is expensive to produce and we have come this far only with your support. Keep encouraging independent media organisations and independent journalists. We always want to remain answerable to you and not to anyone else.