Malware Steals OTPs via Windows Phone Link
INDIA — By BharatSecure Threat Intelligence Team
Verdict: Suspicious | Risk Score: 7/10 | Severity: high
Category: otp_fraud
How OTP Theft via Windows Phone Link Works
A new malware variant is exploiting the Windows Phone Link feature to intercept one-time passwords (OTPs). This method allows attackers to bypass multi-factor authentication, gaining unauthorized access to user accounts.
How This Scam Works — Detailed Explanation
Scammers are increasingly using advanced tactics to target individuals, and one of the latest methods involves malware that exploits the Windows Phone Link feature. This technique is particularly concerning as it allows attackers to intercept one-time passwords (OTPs) sent to users, thereby bypassing established multi-factor authentication protocols. In India, where mobile payments via UPI and banking transactions are soaring, the exploitation of this vulnerability could lead to significant financial losses for unsuspecting victims. The initial setup often involves distributing malicious applications or files disguised as legitimate updates or tools, which, when accessed, install malware that compromises user security.
The tactics deployed by these scammers are deeply deceptive. They often use psychological manipulation to instill a sense of urgency, claiming that user accounts are at risk of being breached. Once the malware is installed via the Windows Phone Link feature, it quietly monitors and captures any OTPs sent via SMS or notification, especially while users attempt to complete critical transactions on platforms like UPI or when accessing sensitive accounts linked to Aadhaar or WhatsApp. This reliance on human instinct, particularly the impulse to act quickly under a perceived threat, forms a crucial part of their strategy, allowing scammers to lure victims into enabling further transactions without their knowledge.
Victims of this malware attack may not realize what has transpired until it’s too late. After the malware successfully infiltrates a device, the attacker can easily receive OTPs and complete transactions without the victim's knowledge. For instance, an individual may attempt to make a payment using UPI through their mobile banking app. Following this, they receive an OTP on their phone, which the malware immediately captures. The attacker can now complete a transfer to their account, effectively performing an account takeover. Reports from cybersecurity incidents in India have highlighted multiple cases of users losing upwards of ₹10 crore through various forms of OTP-related fraud, illustrating the devastating impact this malware can have.
The ramifications of these scams are severe within the Indian cyber landscape. Regulatory bodies such as the Ministry of Home Affairs (MHA) and the Reserve Bank of India (RBI) have issued alerts regarding the rise in malware-based scams. The cyber security agency CERT-In also continuously monitors reports of fraudulent transactions, stressing the critical need for public awareness and safeguarding techniques. The spike in online fraud cases, with reported losses of over ₹500 crore in the past year, emphasizes the urgency of addressing this systemic threat amid growing digital adoption across the nation.
To differentiate between this scam and legitimate communications, users should scrutinize notifications for any signs of discrepancies or inconsistencies. Legitimate OTP requests will not typically occur without preceding user actions. Always verify the source of any communication requesting sensitive information or directing users to install applications. Avoid clicking on suspicious links and ensure that multi-factor authentication methods are implemented across all accounts for enhanced security. Educating oneself regarding typical scam patterns is key to protecting oneself from these evolving threats.
Who Does This Malware Target?
General public across India
Red Flags — How to Identify This Malware
- malware
- Windows Phone Link
- OTP
- multi-factor authentication
- account takeover
What To Do If You Encounter This Malware
- Report any suspicious activity to the cybercrime helpline at 1930 or file a report at cybercrime.gov.in immediately.
- Contact your bank's customer service helpline, such as SBI at 1800-11-1109 or HDFC at 1800-202-6161, to freeze your account if fraud is suspected.
- Uninstall any suspicious apps or links associated with Windows Phone Link that might contain malware.
- Change your passwords for all key accounts, especially those linked to UPI and Aadhaar, to secure access.
- Enable additional security features, such as biometric verification on your banking apps, wherever possible.
- Regularly monitor your bank statements and transaction history for any unauthorized transactions.
How to Report This Malware in India
- Call 1930 — National Cyber Crime Helpline (24x7)
- File a complaint at cybercrime.gov.in
- Contact your bank immediately if money was lost
- Call RBI helpline: 14440 for banking fraud
Frequently Asked Questions
- What should I do if I shared my OTP in an OTP fraud scam?
  - Immediately contact your bank's customer support helpline to report the incident and request account locking. File a report at cybercrime.gov.in.
- How can I identify if the malware is stealing my OTPs?
  - Look for unusual behavior in your accounts, such as transactions you did not authorize or unexpected notifications regarding your banking activities.
- How can I report this type of scam in India?
  - You should report incidents to the cybercrime helpline at 1930, visit cybercrime.gov.in to file a complaint, and inform your bank about any suspicious transactions.
- What are the recovery steps after falling victim to this scam?
  - Start by changing passwords on your accounts, contact your bank to review your transactions, and promptly file reports with both your bank and the cybercrime helpline.
Related Scams in India
- Retired Nagpur Medical Officer, 76, Loses Rs 2 Crore In Digital Arrest Scam
- Russian Telegram Hacks Intercept Secret Codes
- Your SIM, fraudsters control: How a ‘silent’ cybercrime emptying bank accounts
- OTP fraud explained: Why scammers only need one code
- CloudZ RAT Exploits Microsoft Phone Link for OTP Interception
Verify Any Suspicious Message
Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.