Inside the Install

It usually starts with something normal, a wedding invite, a parcel update, a loan offer. Or a “new app” shared by a friend.
You open it without thinking. That is where the problem begins.

Across Sri Lanka and the region, a new wave of scams is spreading through fake mobile apps (APK files). These apps look real, but they are built to steal quietly.

How It Happens

You receive a file on WhatsApp or Telegram.

It says:

• “Install to view details”
• “Track your delivery”
• “Open to claim reward”

You install it. Nothing seems wrong. But behind the screen, the app starts working silently.

It can steal credentials, capture OTPs, monitor your phone/device activity. You don’t see it happening. That’s the danger.

Why People Fall for It

Scammers don’t need hacking skills anymore. They only need trust and one tap. These messages work because they look familiar, come from a friend, feel urgent, and appear official.

What Makes It Worse Now

These fake apps are no longer simple.

They are now:

• Copy/mimic real app designs
• Use real logos
• Come from hacked accounts
• Target trending topics (jobs, parcels, offers)

So, people believe them more easily.

What You Should Remember

• If it is not from an official app store, don’t install it.
• If it came through chat, be extra careful.
• If it asks for permissions like SMS or accessibility, stop and think.

If You Already Installed One

• Turn off internet
• Uninstall the app
• Change your passwords
• Call your bank if needed
• Get your phone checked by a trusted technician or cybersecurity professional.

Act fast. Don’t wait.