Malicious PM-Kisan APK Malware Scam

INDIA — By BharatSecure Threat Intelligence Team

Verdict: Suspicious | Risk Score: 8/10 | Severity: high

Category: UPI, WhatsApp, KYC

How Malicious PM-Kisan APK Malware Scam Works

Overview: The Malicious PM-Kisan APK Malware Scam involves the distribution of fake mobile apps impersonating the PM-Kisan Yojana scheme. Fraudsters target Indian smartphone users—mostly farmers and their families—by urging them to install unofficial apps for faster subsidy processing or KYC updates. Once installed, these APKs compromise the device, enabling data theft and remote access, sometimes even hijacking WhatsApp accounts or triggering further fraud among contacts.

How It Works: Scammers spread download links for fake PM-Kisan apps via WhatsApp, Telegram, or SMS. The apps are not available on the official Google Play Store; instead, they're distributed as "APK" files requiring the victim to enable "install from unknown sources." On installation, the app may mimic the look of a government site, prompting users to input personal info (Aadhaar, OTP, bank details). Behind the scenes, the malware gains deeper access, steals SMS and contacts and, in some variants, sends messages to all WhatsApp contacts with the same malware link, expanding the fraud chain.

India Angle: This scam is being reported in states like Nagaland and other district[ADDRESS_REDACTED]. The attack leverages India's dependence on informal WhatsApp groups for government scheme updates, exploiting low awareness about app installation safety.

Real Examples:

  • WhatsApp message: "Install 'PM-Kisan Yojana Official' app to get instant ₹6,000 subsidy. Click here to download — [unofficial link]"
  • APK shared in community groups alongside fake testimonials from 'farmers' praising the app.

Red Flags:

  • Any PM-Kisan app distributed as an APK outside the Play Store
  • Requests to enable "unknown sources" in phone settings
  • Prompts for Aadhaar, OTP, or UPI within unofficial apps
  • Sudden reduction in phone speed or auto-messaging friends after installation

Protective Measures: Only use the official PM-Kisan portal and never install government scheme-related apps from links or third-party sources. Always check that the app is on the Play Store and published by a verified developer. Disable "install from unknown sources" after verifying phone settings. If suspicious activity is observed, uninstall the app and run a trusted antivirus scan.

If Victimised: Immediately delete the rogue app, reset your device if possible, change your Google and WhatsApp passwords, and alert your contacts not to click forwarded links. Report to 1930 and cybercrime.gov.in. Inform your bank if banking details were shared.

Related Scams: UPI payment app malware; fake Aarogya Setu/e-Shram APK scams; WhatsApp hijacking spyware.

How This Scam Works — Detailed Explanation

The Malicious PM-Kisan APK Malware Scam primarily targets smartphone users in India, particularly farmers who are eager to benefit from government subsidies. Scammers utilize social media platforms like WhatsApp, Facebook, and even local messaging apps to circulate information about non-existent mobile applications purportedly linked to the PM-Kisan Yojana. These fraudulent apps promise quick processing of subsidies or KYC updates, appealing to users who are often in need of expedited financial support. The perpetrators may even create fake websites or social media pages resembling the official PM-Kisan platform to add legitimacy to their claims, luring victims into downloading APK files that will compromise their devices.

To convince victims, scammers employ various psychological tactics appealing to urgency and trust. They may send messages that invoke fear or highlight the dire need for immediate action, asserting that failure to install the app could result in losing eligibility for the subsidy. Scammers may also leverage testimonials from caught-off-guard users, falsely claiming that the app has successfully aided others in getting their subsidies processed faster. This creates a sense of community and trust, making individuals more likely to bypass caution and download the suspicious APK file.

Once victims unknowingly download the malicious app, it often requests a myriad of permissions, prompting them to enable installations from 'unknown sources.' Upon installation, the malware can steal personal information, including Aadhaar numbers and bank account details. It can also gain access to victims' WhatsApp accounts, leading to more sophisticated scams where the victim's contacts are sent fraudulent messages requesting money. For example, in 2022, multiple farmers in Maharashtra reported that after installing such an app, their WhatsApp accounts were hijacked, leading to a loss of ₹5 crore collectively when friends and family fell victim to follow-up scams.

The impact of scams like the Malicious PM-Kisan APK Malware is significant, with experts estimating that the Indian populace loses around ₹300 crore annually to various mobile-based frauds. The Ministry of Home Affairs and Reserve Bank of India have pointed out that such scams predominantly target vulnerable populations, including small farmers who might not be well-versed in digital etiquette. The cybercrime helpline 1930 is inundated with calls from victims seeking redress, indicating widespread vulnerability and the dire need for public awareness. The National Cyber Security Coordinator has also warned people to be vigilant about their data security, often issuing advisories through CERT-In, stressing the need to report such incidents promptly.

To effectively identify this scam, users should be skeptical of any app claiming to expedite government procedures outside of official channels. Queries for 'PM-Kisan' or similar subsidy service apps that prompt the installation of APK files directly should be a red flag; these apps will not be available on the legitimate Google Play Store. Moreover, any app that requests sensitive data or pushes for permissions that seem excessive—like accessing contact lists or messages without clear justification—should raise further concerns. Legitimate communications from the government typically come through verified channels or official apps and will not lead users to third-party APK installations.
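The permission check described above, as an added example that is not BharatSecure's own tooling: a Python triage of the permission list an analyst gets by running `aapt dump permissions` on a suspect APK. The sample output, the package names and the permission-to-behaviour mapping are constructed for illustration.

```python
import re

# Permissions tied to behaviour this page describes. The mapping is this
# example's assumption, not a BharatSecure rule set.
RISKY = {
    "android.permission.READ_SMS": "reads stored SMS, including OTPs",
    "android.permission.RECEIVE_SMS": "intercepts incoming SMS, including OTPs",
    "android.permission.SEND_SMS": "can send SMS carrying the download link",
    "android.permission.READ_CONTACTS": "reads the contact list",
    "android.permission.REQUEST_INSTALL_PACKAGES": "can install further APKs",
}
SMS = {"android.permission.READ_SMS", "android.permission.RECEIVE_SMS"}

# Matches both aapt styles: name='android.permission.X' and the bare form.
PERM_RE = re.compile(r"^uses-permission(?:-sdk-\d+)?:\s*(?:name=)?'?([\w.]+)'?")

def parse_permissions(aapt_output):
    """Return the set of permissions requested in `aapt dump permissions` text."""
    perms = set()
    for line in aapt_output.splitlines():
        m = PERM_RE.match(line.strip())
        if m:
            perms.add(m.group(1))
    return perms

def triage(aapt_output):
    """Return (verdict, {permission: reason}) for a suspect scheme app."""
    perms = parse_permissions(aapt_output)
    hits = {p: RISKY[p] for p in sorted(perms) if p in RISKY}
    # SMS access plus contacts is the steal-and-spread pattern described above.
    if perms & SMS and "android.permission.READ_CONTACTS" in perms:
        return "high", hits
    return ("review" if hits else "low"), hits

# Constructed sample output; the package names are invented.
SUSPECT = """package: com.example.pmkisan.fake
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.READ_SMS'
uses-permission: name='android.permission.RECEIVE_SMS'
uses-permission: name='android.permission.READ_CONTACTS'
"""
BENIGN = """package: com.example.notes
uses-permission: name='android.permission.INTERNET'
"""

if __name__ == "__main__":
    for label, text in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(label, *triage(text))
```

The verdict only prioritises samples for closer analysis; legitimate apps can request the same permissions.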

Who Does Malicious PM-Kisan APK Malware Scam Target?

General public across India

Red Flags — How to Identify Malicious PM-Kisan APK Malware Scam

  • Requests to install an APK file for 'PM-Kisan' or subsidy apps
  • Prompt to enable unknown sources
  • Requests for sensitive data in unofficial apps
  • Device slowdown or auto-messaging of contacts
  • No presence on the official Play Store

What To Do If You Encounter Malicious PM-Kisan APK Malware Scam

  1. Report the scam immediately at cybercrime.gov.in or call the helpline 1930.
  2. Uninstall any suspicious apps you may have downloaded related to PM-Kisan.
  3. Change your passwords for any accounts that may be at risk, particularly WhatsApp and bank accounts.
  4. Alert your friends and family about the scam, particularly if you have already shared any links or information.
  5. Contact your bank's fraud department, keeping in mind helplines like SBI 1800-11-1109 and HDFC 1800-202-6161.
  6. Ensure you enable two-factor authentication on your accounts for added security.

How to Report Malicious PM-Kisan APK Malware Scam in India

  • Call 1930 — National Cyber Crime Helpline (24x7)
  • File a complaint at cybercrime.gov.in
  • Contact your bank immediately if money was lost
  • Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my OTP in a UPI scam?
Immediately inform your bank's customer service and request a block on your account. For SBI, call 1800-11-1109, and for HDFC, call 1800-202-6161.

How can I identify the Malicious PM-Kisan APK Malware Scam?
Look for APK files that ask for unnecessary permissions or are not listed on the Google Play Store, especially those claiming to help with PM-Kisan applications.

How to report this type of scam in India?
You can report the incident at the cybercrime helpline 1930 or visit cybercrime.gov.in for assistance in filing a report.

What steps can I take to recover money or protect my accounts after this scam?
Contact your bank immediately to discuss fraudulent transactions and secure your accounts. Change your passwords and enable two-factor authentication for added security.
