What is Fake UPI App Clone Phishing Scam?

Dangerous: Fake UPI App Clone Phishing Scam is a confirmed scam in India. Stay safe from fake UPI app clone phishing scams. Learn how scammers steal UPI credentials through malicious app downloads. Report at cybercrime.gov.in

How does Fake UPI App Clone Phishing Scam work?

Step 1: Scammers call/message impersonating bank or UPI app support (PhonePe, Google Pay) claiming suspicious transaction or account block issue Step 2: Build trust by using victim's personal details and asking for basic verification like DOB, phone number Step 3: Create urgency claiming technical glitch in UPI app requiring immediate resolution to prevent account blocking Step 4: Direct victim to download fake UPI app clone from phishing link or legitimate screen-sharing apps like AnyDesk Step 5: Request phone permissions and ask victim to share 9-digit OTP while staying on call for 'guidance'

How to protect yourself from Fake UPI App Clone Phishing Scam?

Do not download any app or update from links sent via WhatsApp, SMS, or unknown callers. Hang up immediately if someone asks for your UPI PIN, OTP, or banking credentials over the phone. Verify any suspicious calls by independently contacting your bank or UPI service through official customer care numbers. Report any fraudulent transactions or scam calls at cybercrime.gov.in and your bank’s fraud helpline without delay.

Fake UPI App Clone Phishing Scam

नकली UPI ऐप क्लोन फिशिंग घोटाला

INDIA — By BharatSecure Threat Intelligence Team · Updated Apr 20, 2026

Verdict: Dangerous | Risk Score: 9/10 | Severity: MEDIUM

Category: UPI, Phishing

How Fake UPI App Clone Phishing Scam Works

Step 1: Scammers call/message impersonating bank or UPI app support (PhonePe, Google Pay) claiming suspicious transaction or account block issue
Step 2: Build trust by using victim's personal details and asking for basic verification like DOB, phone number
Step 3: Create urgency claiming technical glitch in UPI app requiring immediate resolution to prevent account blocking
Step 4: Direct victim to download fake UPI app clone from phishing link or legitimate screen-sharing apps like AnyDesk
Step 5: Request phone permissions and ask victim to share 9-digit OTP while staying on call for 'guidance'
Step 6: Gain remote control of device, steal UPI PIN during entry, and perform unauthorized fund transfers

How This Scam Works — Detailed Explanation

In India, the Fake UPI App Clone Phishing Scam targets users of popular Unified Payments Interface (UPI) apps, which are widely used for quick and easy money transfers through platforms like Google Pay, PhonePe, Paytm, and others. Scammers create fake clone versions of these legitimate apps, often mimicking the real app’s design and name closely. They distribute these malicious apps via fake links sent through WhatsApp messages, SMS, or unsolicited phone calls. The goal is to trick users into downloading the fake app, believing it to be a required update or an official utility from their bank or UPI service.

Once the fake app is installed, it asks users to enter sensitive information such as UPI PIN, OTP (one-time password), or bank login credentials under the guise of verifying the user’s account or rectifying a supposed technical glitch. Scammers often use urgent language, threatening immediate blocking or suspension of the user's bank account to create panic and rush them into submitting private details. They may also request permissions like screen sharing or remote access, giving them direct control over the phone.

The scammers typically start with unsolicited calls claiming to be from the user’s bank or UPI app support center. These calls warn about suspicious transactions or technical problems, prompting victims to act immediately. They instruct victims to download the clone app from unofficial links, bypassing official app stores, which adds to the risk of installing malware. Once the fraudsters have the credentials and PINs, they can initiate unauthorized UPI transactions, draining the victim’s bank accounts swiftly.

Victims often realize the fraud only after noticing unauthorized debits or receiving alerts from the real bank app. By then, it’s usually challenging to reverse the transactions. This scam is especially dangerous in India due to the widespread use of UPI and increasing reliance on mobile banking. Users need to be very cautious about unsolicited calls and downloads, and always verify through official bank channels before taking any action related to their UPI accounts.

Who Does Fake UPI App Clone Phishing Scam Target?

Indians aged 30-60 years in urban and semi-urban areas, particularly in high UPI adoption states like Maharashtra, Karnataka, Uttar Pradesh, tech-savvy but less security-conscious users

Red Flags — How to Identify Fake UPI App Clone Phishing Scam

Unsolicited calls claiming to be from bank/UPI app support about suspicious transactions
Urgency tactics threatening immediate account blocking or suspension
Requests to download apps from unknown links or grant screen sharing permissions
Asking for OTP, UPI PIN, or banking credentials over phone call
Caller claiming technical glitch requiring immediate app update or verification

What To Do If You Encounter Fake UPI App Clone Phishing Scam

Do not download any app or update from links sent via WhatsApp, SMS, or unknown callers.
Hang up immediately if someone asks for your UPI PIN, OTP, or banking credentials over the phone.
Verify any suspicious calls by independently contacting your bank or UPI service through official customer care numbers.
Report any fraudulent transactions or scam calls at cybercrime.gov.in and your bank’s fraud helpline without delay.
Always uninstall any unknown apps found on your phone and run security scans using trusted antivirus apps.

How to Report Fake UPI App Clone Phishing Scam in India

Call 1930 — National Cyber Crime Helpline (24x7)
File a complaint at cybercrime.gov.in
Contact your bank immediately if money was lost
Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What is Fake UPI App Clone Phishing Scam?: Dangerous: Fake UPI App Clone Phishing Scam is a confirmed scam in India. Stay safe from fake UPI app clone phishing scams. Learn how scammers steal UPI credentials through malicious app downloads. Report at cybercrime.gov.in
How does Fake UPI App Clone Phishing Scam work?: Step 1: Scammers call/message impersonating bank or UPI app support (PhonePe, Google Pay) claiming suspicious transaction or account block issue Step 2: Build trust by using victim's personal details and asking for basic verification like DOB, phone number Step 3: Create urgency claiming technical glitch in UPI app requiring immediate resolution to prevent account blocking Step 4: Direct victim to download fake UPI app clone from phishing link or legitimate screen-sharing apps like AnyDesk Step 5: Request phone permissions and ask victim to share 9-digit OTP while staying on call for 'guidance'
How to protect yourself from Fake UPI App Clone Phishing Scam?: Do not download any app or update from links sent via WhatsApp, SMS, or unknown callers. Hang up immediately if someone asks for your UPI PIN, OTP, or banking credentials over the phone. Verify any suspicious calls by independently contacting your bank or UPI service through official customer care numbers. Report any fraudulent transactions or scam calls at cybercrime.gov.in and your bank’s fraud helpline without delay.
How to report Fake UPI App Clone Phishing Scam in India?: Report to cybercrime.gov.in or call 1930 (National Cyber Crime Helpline). You can also contact your local police station's cyber cell.

Related Scams in India

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.