Infostealers Turn Millions of Devices Into Credential Theft Machines
INDIA — By BharatSecure Threat Intelligence Team
Verdict: Suspicious | Risk Score: 9/10 | Severity: Critical
Category: phishing
Scam Intelligence: Infostealers Turn Millions of Devices Into Credential Theft Machines
Proprietary signals from BharatSecure's scam-tracking database.
Last reported: Jun 10, 2026
How Infostealers Turn Millions of Devices Into Credential Theft Machines Works
Cybercriminals are increasingly using infostealer malware to compromise millions of devices, making stolen credentials a primary method for gaining unauthorized access. This tactic fuels ransomware attacks and other cybercrime operations, as attackers prioritize credential theft over exploiting system vulnerabilities.
How This Scam Works — Detailed Explanation
Cybercriminals deploy infostealers by leveraging social engineering tactics on popular platforms like WhatsApp and social media applications. They create fake profiles or send messages containing malicious links that prompt users to download infected files disguised as legitimate software updates or attractive offers. For instance, a seemingly urgent message about a fake UPI payment gateway can lure users who are keen to resolve payment issues. These communications often look authentic, mimicking official bank notifications or government advisories from bodies like the NPCI. This tactic reaches millions of devices that trust these everyday applications, setting the stage for widespread credential theft.
Once the infostealer malware is installed, it begins to operate silently in the background, capturing sensitive information such as login credentials, credit card details, and security OTPs. Attackers cleverly use psychological tricks, creating a sense of urgency or fear. For example, they may fake a problem with the victim’s Aadhaar-linked account, pressuring them to act quickly and share personal information without the necessary precautions. With the rise of remote work and online transactions, users are often under stress and may inadvertently compromise their security by providing sensitive data in response to these pressures.
Victims of infostealer attacks often experience immediate financial repercussions. For instance, if a person unknowingly shares their UPI PIN after falling for a scam, the attackers can quickly drain their bank account. Specific cases in India highlighted the destructive potential of these scams, with reports indicating that cybercrime resulted in losses exceeding ₹30 crore in 2022 alone. Victims may find unauthorized transactions on their bank statements, or their WhatsApp accounts may be hijacked to further spread the malware to their contacts. The attackers may leverage the stolen credentials for various fraudulent activities, including siphoning funds or identity theft, leaving victims in financial distress.
The impact of this crisis is multifaceted. Beyond individual losses, organizations like the Ministry of Home Affairs (MHA) have issued advisories on the rise of cyber threats, including infostealers, to raise awareness among citizens. The Indian government’s cybersecurity agency, CERT-In, has been actively warning about rising phishing attacks that could leverage stolen credentials to facilitate even more severe crimes like ransomware attacks. Each incident reinforces the importance of vigilance as victims struggle to reclaim their trust in online platforms, navigating through bureaucratic hurdles to report crimes and recover lost funds.
Despite the challenges, there are ways to differentiate between legitimate communications and scams. Legitimate messages from banks will never ask for personal or confidential information through casual text messages or platforms like WhatsApp. Checking sender authenticity is key; any unsolicited message requesting sensitive information should raise red flags. Users should remember that genuine communications from authorities or banks will always direct them to secure platforms for verification rather than asking for details through direct text prompts.
Who Does Infostealers Turn Millions of Devices Into Credential Theft Machines Target?
General public across India
Red Flags — How to Identify Infostealers Turn Millions of Devices Into Credential Theft Machines
- infostealers
- credential theft
- malware
- ransom
What To Do If You Encounter Infostealers Turn Millions of Devices Into Credential Theft Machines
- Report the incident immediately by calling 1930 or visiting cybercrime.gov.in
- Change your bank passwords and enable two-factor authentication on your accounts
- Notify your bank of any unauthorized transactions for possible refunds
- Run a full security scan on your device to eliminate malware
- Educate your family and friends about infostealer scams
- Keep your software and applications updated to their latest versions
How to Report Infostealers Turn Millions of Devices Into Credential Theft Machines in India
- Call 1930 — National Cyber Crime Helpline (24x7)
- File a complaint at cybercrime.gov.in
- Contact your bank immediately if money was lost
- Call RBI helpline: 14440 for banking fraud
Frequently Asked Questions
- What to do if I shared my OTP in a phishing scam?
  - Immediately contact your bank helpline (SBI 1800-11-1109 or HDFC 1800-202-6161) to block your account and request a new OTP.
- How can I identify if a communication is a phishing attack?
  - Look for signs like grammatical errors, requests for sensitive information, or benefits that seem too good to be true. Always verify through official channels.
- What are the steps for reporting this type of scam in India?
  - Report to the cybercrime helpline 1930 or visit cybercrime.gov.in. Additionally, notify your bank immediately to help with tracking and recovering lost funds.
- How can I recover money or protect my accounts after this scam?
  - Contact your bank and file a complaint to initiate recovery processes. Secure your accounts with new passwords and enable two-factor authentication.
Verify Any Suspicious Message
Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.