The Centre has warned government employees and pensioners after hackers started circulating fake messages on WhatsApp related to the proposed 8th Pay Commission, with “salary calculator” links that contain malicious software.
The warning has been issued by the Indian Cyber Crime Coordination Centre (I4C) of the Ministry of Home Affairs after receiving complaints from government employees and pensioners.
According to sources, hackers are taking advantage of the interest generated in possible changes to salaries and pensions to trick victims into downloading malicious APK files. There is no government department that is distributing pay revision tools through WhatsApp or any other link.
Also Read | Rs 1 crore lost to cyber fraud in East Midnapore, multiple suspicious accounts frozen
How the fraud operates
According to officials, the scam usually starts with a WhatsApp message that promises to offer a calculator for calculating new salaries or pensions based on the 8th Pay Commission.
The message comes with an Android Package Kit (APK) file that is not hosted on any government website. Once downloaded, the APK file is said to give scammers access to the user’s phone, including their banking apps and personal details.
"In several reported instances, money was withdrawn from accounts shortly after the application was installed," said officials.
The Centre has clarified that any information regarding salaries, fitment factors, or pension revisions is not shared through APK files or messaging services.
Advisory for employees and pensioners
Authorities have urged employees and pensioners to verify all information related to the 8th Pay Commission only through official government portals and credible news sources.
Citizens have been advised to remain cautious of messages that create urgency, promise quick calculations, or require downloading unfamiliar files. Officials noted that such messages often contain spelling errors, suspicious links, or unofficial domain names.
Also Read | Think you can spot a scam? AI-powered deepfakes and phishing are making it harder than ever
The advisory again emphasises that no government agency, bank, or cybercrime authority asks for OTPs, UPI PINs, debit/credit card details, or login credentials through phone calls or messaging applications.
The recipients of the suspicious messages have been advised not to click on any links or download any files and to make cybercrime reports through designated cybercrime reporting systems.