#FactCheck- Viral Kapil Mishra Video on 50% Attendance Not Recent

Executive Summary:

Internship scams have infiltrated the academic landscape, scamming students of many prestigious colleges. The students often prefer to carry out internships to gain knowledge and work experience. These scams use the name of popular multinational companies to exploit the students. This report studies the various case studies, their modus operandi, impact on the students and preventive strategies. This report emphasises the importance of awareness and proactive measures to protect students from falling victim to such frauds.

1. Introduction

Internships are the opportunity to overcome the gap between the practical knowledge acquired at the university and practical experience, to get practical skills and contacts in the field of activity, as well as improve employment prospects. Instead, because of high paying internships and interesting positions students have become targets of work scams. As we have seen with the advancement in digital technology, scammers take advantage of the disguise of the internet, making very neat, smart, and convincing scams. 

 Internship scams are very prevalent and they include fake job listings and phishing schemes as well as payment frauds which make students lose lots of money and also emotionally expose them. In this specific case, this paper examines how these scams work, the warning signs, and ways of protecting students from falling victim to them.

2. Detailed Modus Operandi of Internship Scams

Internship scams often employ  a variety of tactics to attract and deceive unsuspecting students. Below is a detailed breakdown of the common methods used by scammers:

1. Fake Job Listings and Offers:some text
   • Scammers post attractive internship offers on popular job portals, social media platforms, and even send personalised messages via LinkedIn. These listings often mimic the branding and style of reputable companies, including well-designed logos, professional email addresses, and official-looking websites.
   • Example: A fake internship offer from a reputed software firm circulates on a job portal, with a professional landing page. Students who apply are quickly “hired” without any interviews, and are asked to pay a security deposit to confirm their acceptance.
2. Upfront Payment Requests:some text
   • Scammers ask for payment such as registration fees, training materials, background checks, or security deposits. These payments comes under non-refundable payment  and it act as the primary revenue stream for the fraudsters.
   • Example: A group of students receive internship offers requiring a payment of INR 10,000 for "training materials" and "online assessments." After making the payment, the students never hear back from the company, and all attempts to contact them were futile.
3. Phishing and Identity Theft:some text
   • Beyond financial fraud, some scams aim to steal personal information. Fake internship applications often require detailed personal data, including identity proofs, bank account details. This data will be used as identity theft or sold on the dark web.
   • Example: A student applies for an internship that asks for copies of identification documents and bank details. This information sharing led to unauthorised transactions in their bank account. 
4. Work-from-Home Frauds:some text
   • With the rise of remote work, scammers also offer work-from-home internships that require students to purchase software or pay for specialised training. After payment, students are often given irrelevant tasks or no tasks at all, leaving them with no real work experience.
   • Example: An internship advertised as a "remote data analysis role" required students to buy a proprietary software licence. After paying, students realised the software was freely available online, and the internship tasks were non-existent.
5. Impersonation of Reputed Companies:some text
   • Scammers use the name of well-known companies, they modify the email addresses or create fake websites that look original. They use these platforms to send offer letters, making it difficult for students to identify the scam.
   • Example: A scammer creates a fake website mirroring a major consulting firm's internship page. The only difference is a minor change in the URL. Dozens of students are duped into paying registration fees.

3. Case Studies of Real-Life Incidents

1. Case Study 1: The Certification Course and Internshipsome text
   • A group of students received personalised emails from an official domain of a reputed tech industry providing an internship offer. Students were asked to pay Rs 10,000 to undergo a certification course to carry the internship. After paying the amount, the students did not receive any instructions, and the company was found to be nonexistent. The scammer had spoofed the company’s email domain, making it difficult to trace the source.
2. Case Study 2: The Social Media Trapsome text
   • A student from a university encountered an internship post on Instagram, advertising roles at a popular fashion brand. The application process involved a "screening fee" of INR 5,000. Despite appearing legitimate, the internship was fake, and the brand had no knowledge of the post. The student's personal data was also compromised, leading to unauthorised social media activity.
3. Case Study 3: Internship Providing Social Platformssome text
   • A popular internship providing platform, faced an incident where a scammer posted fraudulent internship offers under the guise of a major multinational. The scam involved asking students to purchase expensive software to start their work. The platform had to issue warnings and remove the listings after several complaints.

4. The Impact on Students

The consequences of internship scams extend beyond immediate financial loss, affecting students on multiple levels:

1. Financial Impact:some text
   • Students lose their money, ranging from minor fees to significant payments.
2. Emotional and Psychological Distress:some text
   • These kinds of scams can lead to anxiety, depression and loss of confidence in availing the opportunities in future. 
3. Exposure to Further Scams:some text
   • Scammers often share details of their victims with other fraudsters, making students susceptible to repeated scams, including phishing attacks, financial frauds, and unsolicited offers.

5. Preventive Measures

1. Verification of Internships:some text
   • Always verify the authenticity of the internship by researching the company on official platforms such as LinkedIn, the company’s official website, and through trusted contacts or college placement cells.
2. Avoid Upfront Payments:some text
   • Employers do not ask for money in exchange for job or internship offers. If they demand for any kind of payment, then the employer is not original. Always question the necessity of such payments and consult trusted advisors before proceeding.
3. Use Trusted Job Portals:some text
   • Apply for internships through recognized platforms like LinkedIn, Internshala, or your college’s placement cell, which have verification processes to filter out fraudulent postings.
4. Reporting Scams:some text
   • Report suspicious offers to your college authorities, placement cells, and local cybercrime departments. Additionally, use platforms like Internshala’s “Report This Job” feature to flag fraudulent listings.
5. Stay Educated and Updated:some text
   • It is important to educate students by providing workshops, webinars, and awareness sessions on cybersecurity to stay informed and report about the latest scams. 

6. Conclusion

Internship scams are a severe threat to the student society since they manipulate the student’s desire for an internship. The best ways to prevent such cons are by being cautious and receptive to whatever is being offered. Internship seekers, colleges and the placement cells have to work hand in hand to ensure that there is no fear among  people seeking internships.

References

1. Smith, J. (2024). Internship Scams on the Rise: How to Spot and Avoid Them. Retrieved from example1.com.
2. Brown, A. (2023). Student Internship Scams in India: A Growing Concern. Retrieved from example2.com.
3. Johnson, L. (2024). How to Protect Yourself from Fake Internship Offers. Retrieved from example3.com.
4. Gupta, R. (2024). Social Media and the Rise of Job Scams. Retrieved from example4.com.

‍

Executive Summary:

A video of former Army Chief General Manoj Pande is going viral on social media with the claim that he attacked the Modi government, saying that supporting Israel is causing significant harm to the Indian Army. The research by CyberPeace revealed that the audio present in the viral video is AI-generated. No such statement was made in the original video.

‍

Claim:

‍

On social media platform X, while sharing the viral video, users wrote, “Delhi: Former Army Chief General Manoj Pande (Retd.) said, ‘Do you know what the biggest loss of supporting Israel is? Our Indian Army was always trained as a moral force, but the current situation is turning it into an ethnic force. Remember my words, this situation is moving towards a complete rebellion. We have all seen what is happening in Assam.’ ‘The Israeli army stands against humanity, and brutality has become its identity. Our army is becoming like them due to its association. The Modi government and the Sangh Parivar are responsible for this. For both, Israel is an ideal country, and they are running an agenda to turn India into Israel.’”

‍

• https://www.facebook.com/reel/852247917829329 
• https://archive.ph/2znQL 

‍

‍

‍

Fact Check:

‍

In the research of the viral video claiming that former Army Chief General Manoj Pande attacked the Modi government, we conducted a reverse image search with the help of keyframes. During this process, we found a video uploaded on March 14 on the X account of the news agency Press Trust of India (PTI).

‍

The visuals present in the video matched those in the viral video.

‍

• https://x.com/PTI_News/status/2032853960114270322 

‍

In this video, former Army Chief General Manoj Pande was seen delivering a speech in Marathi and English. However, during this, he was talking about increasing new kinds of capabilities in view of the current situation and not mentioning Israel, as claimed in the viral video. In the approximately 1 minute 15 seconds long video, he did not give any such statement as present in the viral video.

‍

‍

While taking the research forward, we found a report published on March 15, 2026, on the website of ThePrint. This report mentioned the speech delivered by former Army Chief General Manoj Pande, but no report mentioned the statement shown in the viral video.

‍

https://hindi.theprint.in/india/armed-forces-must-develop-their-capabilities-to-fight-effectively-in-the-future-general-pandey/945537/

‍

‍

‍

Conclusion:

‍

Our research found that the audio present in the viral video is AI-generated. In the original video, he did not make any such statement.

‍

Introduction:

This report examines ongoing phishing scams targeting "State Bank of India (SBI)" customers, India's biggest public bank using fake SelfKYC APKs to trick people. The image plays a part in a phishing plan to get users to download bogus APK files by claiming they need to update or confirm their "Know Your Customer (KYC)" info.

Fake Claim:

A picture making the rounds on social media comes with an APK file. It shows a phishing message that says the user's SBI YONO account will stop working because of their "Old PAN card." It then tells the user to install the "WBI APK" APK (Android Application Package) to check documents and keep their account open. This message is fake and aims to get people to download a harmful app.

Key Characteristics of the Scam:

• The messages "URGENTLY REQUIRED" and "Your account will be blocked today" show how scammers try to scare people into acting fast without thinking.
• PAN Card Reference: Crooks often use PAN card verification and KYC updates as a trick because these are normal for Indian bank customers.
• Risky APK Downloads: The message pushes people to get APK files, which can be dangerous. APKs from places other than the Google Play Store often have harmful software.
• Copying the Brand: The message looks a lot like SBI's real words and logos to seem legit.
• Shady Source: You can't find the APK they mention on Google Play or SBI's website, which means you should ignore the app right away.

Modus Operandi:

• Delivery Mechanism: Typically, users of messaging services like "WhatsApp," "SMS," or "email" receive identical messages with an APK link, which is how the scam is distributed.
• APK Installation: The phony APK frequently asks for a lot of rights once it is  installed, including access to "SMS," "contacts," "calls," and "banking apps."
• Data Theft: Once installed, the program may have the ability to steal card numbers, personal information, OTPs, and banking credentials.
• Remote Access: These APKs may occasionally allow cybercriminals to remotely take control of the victim's device in order to carry out fraudulent financial activities.

While the user installs the application on their device the following interface opens: 

‍

‍

It asks the user to allow the following:

• SMS is used to send and receive info from the bank.
• User details such as Username, Password, Mobile Number, and Captcha. 

Technical Findings of the Application:

Static Analysis:

• File Name: SBI SELF KYC_015850.apk
• Package Name: com.mark.dot.comsbione.krishn
• Scan Date: Sept. 25, 2024, 6:45 a.m.
• App Security Score: 52/100 (MEDIUM RISK)
• Grade: B

File Information:

• File Name: SBI SELF KYC_015850.apk
• Size: 2.88MB
• MD5: 55fdb5ff999656ddbfa0284d0707d9ef
• SHA1: 8821ee6475576beb86d271bc15882247f1e83630
• SHA256: 54bab6a7a0b111763c726e161aa8a6eb43d10b76bb1c19728ace50e5afa40448

App Information:

• App Name: SBl Bank
• Package Name:: com.mark.dot.comsbione.krishn
• Main Activity: com.mark.dot.comsbione.krishn.MainActivity
• Target SDK: 34
• Min SDK: 24
• Max SDK:
• Android Version Name:: 1.0
• Android Version Code:: 1

App Components:

• Activities: 8
• Services: 2
• Receivers: 2
• Providers: 1
• Exported Activities: 0
• Exported Services: 1
• Exported Receivers: 2
• Exported Providers:: 0

Certificate Information:

• Binary is signed
• v1 signature: False
• v2 signature: True
• v3 signature: False
• v4 signature: False
• X.509 Subject: CN=PANDEY, OU=PANDEY, O=PANDEY, L=NK, ST=NK, C=91
• Signature Algorithm: rsassa_pkcs1v15
• Valid From: 20240904 07:38:35+00:00
• Valid To: 20490829 07:38:35+00:00
• Issuer: CN=PANDEY, OU=PANDEY, O=PANDEY, L=NK, ST=NK, C=91
• Serial Number: 0x1
• Hash Algorithm: sha256
• md5: 4536ca31b69fb68a34c6440072fca8b5
• sha1: 6f8825341186f39cfb864ba0044c034efb7cb8f4
• sha256: 6bc865a3f1371978e512fa4545850826bc29fa1d79cdedf69723b1e44bf3e23f
• sha512:05254668e1c12a2455c3224ef49a585b599d00796fab91b6f94d0b85ab48ae4b14868dabf16aa609c3b6a4b7ac14c7c8f753111b4291c4f3efa49f4edf41123d
• PublicKey Algorithm: RSA
• Bit Size: 2048
• Fingerprint: a84f890d7dfbf1514fc69313bf99aa8a826bade3927236f447af63fbb18a8ea6
• Found 1 unique certificate

‍

App Permission 

‍

‍

1. Normal Permissions

• Access_network_state: Allows the App to View the Network Status of All Networks.
• Foreground_service: Enables Regular Apps to Use Foreground Services.
• Foreground_service_data_sync: Allows Data Synchronization With Foreground Services.
• Internet: Grants Full Internet Access.

2. Signature Permission:

• Broadcast_sms: Sends Sms Received Broadcasts. It Can Be Abused by Malicious Apps to Forge Incoming Sms Messages.

3. Dangerous Permissions:

• Read_phone_numbers: Grants Access to the Device’s Phone Number(S).
• Read_phone_state: Reads the Phone’s State and Identity, Including Phone Features and Data.
• Read_sms: Allows the App to Read Sms or Mms Messages Stored on the Device or Sim Card. Malicious Apps Could Use This to Read Confidential Messages.
• Receive_sms: Enables the App to Receive and Process Sms Messages. Malicious Apps Could Monitor or Delete Messages Without Showing Them to the User.
• Send_sms: Allows the App to Send Sms Messages. Malicious Apps Could Send Messages Without the User’s Confirmation, Potentially Leading to Financial Costs.

On further analysis on virustotal platform using md5 hash file, the following results were retrieved where there are 24 security vendors out of 68, marked this apk file as malicious and the graph represents the distribution of malicious file in the environment.

‍

‍

Key Takeaways:

• Normal Permissions: Generally Safe for Accessing Basic Functionalities (Network State, Internet).
• Signature Permissions: May Pose Risks When Misused, Especially Related to Sms Broadcasts.
• Dangerous Permissions: Provide Sensitive Data Access, Such as Phone Numbers and Device Identity, Which Can Be Exploited by Malicious Apps.
• The Dangerous Permissions Pose Risks Regarding the Reading, Receiving, and Sending of Sms, Which Can Lead to Privacy Breaches or Financial Consequences.

How to Identify the Scam:

• Official Statement: SBI never asks clients to download unauthorized APKs for upgrades related to KYC or other services. All formal correspondence takes place via the SBI YONO app, which may be found in reputable app shops.
• No Immediate Threats: Bank correspondence never employs menacing language or issues harsh deadlines, such as "your account will be blocked today."
• Email Domain and SMS Number: Verified email addresses or phone numbers are used for official SBI correspondence. Generic, unauthorized numbers or addresses are frequently used in scams.
• Links and APK Files: Steer clear of downloading APK files from unreliable sources at all times. For app downloads, visit the Apple App Store or Google Play Store instead.

CyberPeace Advisory:

• The Research team recommends that people should avoid opening such messages sent via social platforms. One must always think before clicking on such links, or downloading any attachments from unauthorised sources.
• Downloading any application from any third party sources instead of the official app store should be avoided. This will greatly reduce the risk of downloading a malicious app, as official app stores have strict guidelines for app developers and review each app before it gets published on the store.
• Even if you download the application from an authorised source, check the app's permissions before you install it. Some malicious apps may request access to sensitive information or resources on your device. If an app is asking for too many permissions, it's best to avoid it.
• Keep your device and the app-store app up to date. This will ensure that you have the latest security updates and bug fixes.
• Falling into such a trap could result in a complete compromise of the system, including access to sensitive information such as microphone recordings, camera footage, text messages, contacts, pictures, videos, and even banking applications and could lead users to financial loss.
• Do not share confidential details like credentials, banking information with such types of Phishing scams.
• Never share or forward fake messages containing links on any social platform without proper verification.

Conclusion:

Fake APK phishing scams target financial institutions more often. This report outlines safety steps for SBI customers and ways to spot and steer clear of these cons. Keep in mind that legitimate banks never ask you to get an APK from shady websites or threaten to close your account right away. To stay safe, use SBI's official YONO app on both systems and get apps from trusted places like Google Play or the Apple App Store. Check if the info is true before you do anything turn on 2FA for all your bank and money accounts, and tell SBI or your local cyber police about any scams you see.

‍