Fake SBI REWARDZ App Alert | Rajasthan Police Warns About Cyber Fraud Using APK Malware in 2025

The Rajasthan Police Cyber Crime branch has issued a warning about a dangerous cyber fraud scheme involving a fake mobile app named SBI REWARDZ.apk. Distributed through platforms like WhatsApp, Telegram, Facebook, and Instagram, the malicious app steals users' sensitive financial data by operating stealthily in the background. Once installed, it collects SMS, contacts, and card details, sending them to unsecured servers. This blog explains how the scam works, its dangers, and how users can protect themselves from these rising threats in 2025. Learn about safe practices, how to uninstall the malware, and how to report such incidents effectively.

  Security News & Threat Intelligence   Jun 16, 2025   12  Add to Reading List
Fake SBI REWARDZ App Alert | Rajasthan Police Warns About Cyber Fraud Using APK Malware in 2025

Table of Contents

Introduction

Cybersecurity threats are rapidly evolving, and a recent case from Rajasthan highlights the growing danger posed by malicious Android apps disguised as legitimate software. The Rajasthan Police’s Cyber Crime Branch has issued a public warning about a fake mobile application—SBI REWARDZ.apk—that is spreading via WhatsApp, Telegram, Facebook, and Instagram. This blog dives deep into what this app does, how it operates, and what steps users must take to stay protected.

If you're looking to learn more about cyber threats and protection techniques, WebAsha Technologies offers advanced Cyber Security Courses in India to keep professionals and students updated and skilled in real-world security scenarios.

What Is the Fake SBI REWARDZ App?

The app poses as a rewards or loyalty program app from SBI (State Bank of India) and uses the name SBI REWARDZ.apk to trick users into downloading it from unverified sources. Once installed, the app functions as malware and starts collecting sensitive data from the device without the user's knowledge.

How Does This Malware Work?

According to SP Cyber Crime, Shantanu Kumar, the fake app:

  • Operates silently in the background.

  • Collects SMS messages, contact lists, and app notifications.

  • Transmits the data to an unsecured server hosted on Google Firebase.

  • Aims to extract financial data such as:

    • Credit card and debit card numbers

    • CVV, PIN, and PAN details

    • Personal identifiers

How Is This App Being Spread?

The malware is not available on the Google Play Store. Instead, it is distributed through:

Platform Distribution Method
WhatsApp Direct APK file sharing
Telegram Group shares and personal messages
Facebook Fake pages or private messages
Instagram Link in bio, DMs, or stories

This shows a pattern of social engineering where users are lured into downloading the app outside official app stores.

Why Is This Malware So Dangerous?

This type of cyber fraud is particularly harmful because:

  • Users assume it is an official banking app.

  • The app bypasses Android permissions subtly.

  • It targets financial information directly.

  • Victims often realize too late, after losing money or facing identity theft.

What Should You Do If You Have Installed the App?

If you’ve accidentally installed the fake SBI REWARDZ.apk:

  1. Uninstall the app immediately from your device.

  2. Run a full antivirus or antimalware scan.

  3. Change all online banking passwords and PINs.

  4. Check your bank account for suspicious activity.

  5. Report the incident via:

    • Cyber Helpline: 1930

    • Online portal: cybercrime.gov.in

    • Local police station or cybercrime unit

How to Stay Safe from Fake Apps Like This

To protect yourself and your loved ones from such threats, follow these best practices:

  • Download apps only from official stores like Google Play or Apple App Store.

  • Do not install APK files sent through social media or messaging platforms.

  • Keep your phone updated with the latest Android or iOS security patches.

  • Enable Google Play Protect to scan for harmful apps.

  • Use multi-factor authentication (MFA) for banking and financial apps.

  • Be cautious of apps asking for excessive permissions.

Comparison of Fake App vs. Real App Distribution

Criteria Fake SBI REWARDZ.apk Genuine SBI REWARDS App
Source Social media (APK download) Google Play Store
Developer Identity Unknown SBI or Authorized Vendor
Security Certificate Missing or fake Verified by Google
Background Activity Hidden and unauthorized Transparent and secure
Data Handling Sent to unsecured servers Handled securely per policy

Conclusion

Cybercriminals are becoming more advanced, using social engineering and disguised applications to commit financial fraud. The fake SBI REWARDZ.apk case is a clear reminder to download only from trusted sources and stay updated on cyber safety practices. With awareness, vigilance, and proper training, we can reduce our vulnerability to such cyber threats.

For those interested in pursuing a career in cybersecurity or enhancing their current knowledge, consider enrolling in hands-on, real-time training programs such as those offered by WebAsha Technologies.

FAQ:

What is the fake SBI REWARDZ.apk app and how does it operate?

The fake SBI REWARDZ.apk app is a type of Android malware disguised as a rewards application. Once installed, it silently runs in the background, stealing sensitive data such as SMS messages, contacts, notifications, and banking credentials from the victim’s device.

How are cybercriminals distributing this malicious app to users?

The app is being shared through platforms like WhatsApp, Telegram, Facebook, and Instagram. Attackers send messages containing APK files disguised as legitimate apps, often impersonating banks like SBI to trick users.

What types of information are stolen by this malware?

It targets and extracts confidential data such as credit/debit card numbers, CVV codes, PINs, PAN numbers, SMS contents, and contact lists—everything a hacker needs to commit financial fraud.

Where is the stolen data stored once it's collected?

The data harvested by the malware is transferred to an unsecured cloud server hosted on Google Firebase, allowing attackers to access victims' personal and financial information remotely.

Is it safe to install APK files received through social media or messaging apps?

No, it's highly risky to install APK files from unverified sources. These files bypass official app store security, increasing the chance of malware infection and data breaches.

What should someone do immediately after installing the fake app by mistake?

Uninstall the application immediately, run a full scan using a trusted mobile antivirus, reset banking passwords, and monitor financial accounts for unauthorized transactions.

How can someone report a cyber fraud involving such fake mobile apps?

Victims should contact the cyber helpline at 1930 or file a complaint at www.cybercrime.gov.in. Reports can also be submitted at local police or cyber police stations.

What is the main goal of this malware?

The malware is designed to perform financial fraud by collecting and transmitting sensitive information, enabling attackers to gain unauthorized access to bank accounts and conduct identity theft.

Why is downloading apps only from the Play Store considered safe?

Apps on the Google Play Store undergo rigorous security checks including malware scanning. Downloading apps from external sources bypasses these protections, exposing users to cyber threats.

How can users differentiate between genuine and fake apps?

Verify the developer’s name, check the number of downloads, read user reviews, and ensure the app is listed on official platforms. Fake apps often have poor grammar, unusual permissions, or generic icons.

Can mobile antivirus software detect and block this malware?

Yes, most reputable mobile antivirus apps can detect and block known malware, though emerging threats may still pose a risk. Regular updates and scans are recommended.

Are iPhone users at risk from this particular scam?

No, since iPhones do not support APK files, this specific malware targets Android users. However, iOS users should still be cautious of phishing and scam links.

What actions has Rajasthan Police taken in response to this cyber fraud?

The Rajasthan Police Cyber Crime Branch has issued a public advisory warning users about this malware and encouraged them to avoid installing APKs from unofficial sources.

What precautions should be taken before downloading any mobile app?

Always confirm the app's legitimacy by checking its source, reviewing app permissions, and verifying the developer. Avoid installing apps from links sent via personal messages or unknown sources.

How is Google Firebase involved in this malware campaign?

Cybercriminals are misusing Firebase’s cloud storage to collect and store stolen data. While Firebase is secure by design, the misuse occurs due to poor implementation and lack of access restrictions.

What steps can people take to educate others about this threat?

Raise awareness by sharing verified news, organizing community sessions, and encouraging safe online practices. Education is the first defense against cyber threats.

Can clicking an APK link alone install the app on the phone?

No, users must manually allow installation from unknown sources and then confirm the APK installation. However, attackers often use social engineering to trick users into doing so.

What permissions should raise red flags when installing a new app?

Apps requesting access to SMS, contacts, financial details, notifications, and device administration without a valid reason should be treated as suspicious and avoided.

What is an APK file and why is it dangerous outside official stores?

An APK (Android Package Kit) is used to install Android apps. Installing APKs from untrusted sources can bypass Play Store security, exposing the device to malware.

How can someone detect if their phone is infected?

Symptoms include fast battery drain, unknown app installations, slow device performance, and unusual bank activity. Security scans can also help detect infections.

What financial risks do users face from this malware?

Victims may experience unauthorized bank transactions, credit card fraud, identity theft, and long-term financial compromise due to leaked personal information.

Which helpline should users call for cyber crime in India?

Users should contact the national cyber crime helpline at 1930 for assistance with cyber fraud incidents.

What cybersecurity precautions should businesses take?

Organizations should restrict APK installations, implement mobile device management (MDM), conduct regular security audits, and educate employees on mobile threats.

Can VPNs help prevent such cyber threats?

While VPNs protect your internet traffic, they do not prevent users from downloading malware. Smart browsing habits and verified app installations remain critical.

Does Google Play Protect offer any defense against this malware?

Google Play Protect scans apps downloaded from the Play Store, but may not detect APKs installed from outside. Manual scans are necessary for off-store apps.

Is factory resetting a phone a reliable solution to remove malware?

Yes, a factory reset removes all data, including malware. However, it also erases personal files, so users should back up important data before proceeding.

How can people verify the legitimacy of a traffic challan or banking message?

Always use official government or banking apps to verify such notifications. Never click on suspicious links or open attachments from unknown senders.

What legal actions can be taken against cybercriminals spreading malware?

Under Indian cyber law, developing and distributing malware is a punishable offense, carrying significant legal consequences including imprisonment.

How can senior citizens be protected from such scams?

Educate them regularly, install only verified apps on their devices, disable unknown source installations, and help monitor their digital activity for unusual signs.

Join Our Upcoming Class!

Tags