What to do if I shared my OTP in a UPI scam?

Immediately contact your bank's customer service and request to block your account. Additionally, reach out to 1930 for further guidance.

How do I identify this specific Modded UPI App Scam?

Look for unusual app interfaces, lack of transaction confirmations in your banking app, and any insistence from customers to trust their screen over yours.

How to report this type of scam in India?

Report the incident at cybercrime.gov.in or call the helpline 1930 to file a complaint. Notify your bank as well.

How can I recover money or protect accounts after this scam?

Immediately block your UPI services with your bank and change your security details. Monitor your account for signs of unauthorized access.

Modded UPI App Scam Targeting Merchants

Verdict: Suspicious | Risk Score: 8/10 | Severity: high

Category: UPI, Phishing, Government Impersonation

How Modded UPI App Scam Targeting Merchants Works

Overview: The Modded UPI App Scam is a deceptive scheme where fraudsters use unofficial or tampered versions of popular mobile payment apps to simulate or fake transactions. The target is usually small business owners, shopkeepers, and local service providers in India. The scam is dangerous because it exploits the familiarity and trust people have in brands like Google Pay, PhonePe, or Paytm, but the modified app operates outside official channels, making fake payments look real at a glance. How It Works: Scammers download a modified APK—an unofficial, altered version—of a mainstream UPI app from a website or third-party marketplace. These apps let users enter custom payment details and produce realistic screens or screenshots that can be used to convince sellers that a transaction has gone through. The buyer pretends to pay, shows the fake app interface or screenshot in person, and demands immediate release of goods. The merchant often realises much later that no payment was received. India Angle: This scam exploits India’s digital payment boom, targeting city markets, roadside stalls, and even food delivery partners. Victims are often those less familiar with app security or the differences between official and tampered apps. Scammers operate in Hindi, English, and the local language. Such tactics are common during festival sales or in busy market settings, where sellers are rushed. Real Examples: - A Mumbai electronics shopkeeper is shown a PhonePe payment screen by a 'customer'; later, the shopkeeper finds no such credit. - Street vendor receives a fake Paytm payment screen for a gold chain; no money ever arrives. - A daily wage worker is tricked by a buyer's app that isn't listed in their phone’s official app store. Red Flags: 1. Payment app interface looks ‘off’ or low-quality compared to the official app. 2. Buyer insists all payment is done "in-app" and refuses to check SMS or UPI credit. 3. Transaction notification appears only on buyer’s device, not yours. 4. No entry in your UPI statement or transaction history. Protective Measures: - Only trust payments visible in your bank account or UPI app—not what’s displayed on the buyer’s phone. - Be alert for apps that are not from Google Play or the official Apple App Store. - Don’t rush goods handover until payment is truly credited to your account. - If you receive an unexpected transaction screenshot, check with your bank. If Victimised: Inform 1930 and submit a report on cybercrime.gov.in. Forward fraudulent screenshots and phone numbers to the police for investigation. Related Scams: - Fake UPI screenshot scam using image generator apps. - Phishing links to download malicious payment apps. - Fake merchant onboarding or 'cashback' app frauds.

How This Scam Works — Detailed Explanation

The Modded UPI App Scam primarily targets small merchants and local service providers across India, leveraging familiar yet counterfeit mobile payment applications like Google Pay, Paytm, and PhonePe. Scammers often identify their victims through local business directories, social media, or even word-of-mouth in community groups. They approach victims by offering seemingly legitimate payment solutions, often touting enhanced features or exclusive deals that can only be accessed through these 'exclusive' apps. The fraudsters will often ask the victims to download these modded applications from third-party sources, circumventing official app stores, thus creating an illusion of genuine service.

To ensnare their targets, scammers deploy a range of psychological tactics. They convince merchants that they are missing out on efficient and savvy methods of handling transactions, leading to a fear of falling behind competitors. They may entice their victims by showcasing positive fake reviews or testimonials and offering assurance through fabricated customer service channels. Once a merchant agrees to use the modded app, the scammer walks them through the installation process, manipulating the visual presentation to mirror the official app, which alleviates any initial skepticism. This clever deception builds false confidence, prompting victims to make transactions without further verification.

Here's how the scam typically unfolds: a merchant, potentially overwhelmed with daily transactions, receives a request for a payment from a customer, who has also downloaded the modded app. The merchant is instructed to enter their UPI ID, and despite the app looking functional, they receive no confirmation in their bank account or official UPI app. They may hear the customer exclaiming about a successful transaction, prompting the merchant to trust their word. Since the payment appears only on the buyer’s screen, the merchant, keeping faith in the transaction, potentially ends up delivering goods or services without receiving any real payment. Real-life incidents have revealed merchants across major Indian cities, including Delhi, Mumbai, and Bangalore suffering losses amounting to ₹10 crore in just the last year due to similar scams.

The financial aftershocks of the Modded UPI App Scam are devastating. Hundreds of small businesses have reported losses not only impacting their profits but also crippling their ability to function in a post-pandemic economy. Data from CERT-In has highlighted the urgency in addressing such scams, categorizing them as high-risk due to their sophisticated nature. With UPI transactions soaring in India, the scope for exploitation and fraud has increased alarmingly. The Ministry of Home Affairs and Reserve Bank of India have emphasized the need for heightened awareness and updated cybersecurity practices, given that UPI fraud has led to losses exceeding ₹50 crore over the last fiscal year.

To discern this scam from legitimate communications, merchants should pay close attention to the payment notifications they receive. Genuine UPI apps will promptly reflect payments through both SMS and their banking app, unlike modded alternatives. Be wary of any customer insisting you trust their smartphone screen rather than checking your own app for confirmation. Any discomfort with the app interface, such as color schemes or logo variations, should trigger red flags. Remember, official apps will always originate from verified sources like Google Play Store or App Store, and thus any installation from third-party sites should be avoided like the plague.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Modded UPI App Scam Targeting Merchants Target?

General public across India

Red Flags — How to Identify Modded UPI App Scam Targeting Merchants

App interface on buyer's phone looks unusual or not from official app store
Payment appears only on buyer's mobile, not in your bank/UPI app
No official SMS or credit for the payment
Buyer refuses to check credit on your phone or insists you trust their screen

What To Do If You Encounter Modded UPI App Scam Targeting Merchants

Contact the cybercrime helpline at 1930 immediately if you've fallen victim.
Report the incident to your bank's fraud department — SBI at 1800-11-1109 and HDFC at 1800-202-6161.
Change your UPI PIN and secure all linked bank accounts promptly.
Uninstall any suspicious apps and clear your app cache to erase data.
Monitor your bank statements for unauthorized transactions diligently.
Visit cybercrime.gov.in to report the scam and keep updated on emerging threats.

How to Report Modded UPI App Scam Targeting Merchants in India

Call 1930 — National Cyber Crime Helpline (24x7)
File a complaint at cybercrime.gov.in
Contact your bank immediately if money was lost
Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my OTP in a UPI scam?: Immediately contact your bank's customer service and request to block your account. Additionally, reach out to 1930 for further guidance.
How do I identify this specific Modded UPI App Scam?: Look for unusual app interfaces, lack of transaction confirmations in your banking app, and any insistence from customers to trust their screen over yours.
How to report this type of scam in India?: Report the incident at cybercrime.gov.in or call the helpline 1930 to file a complaint. Notify your bank as well.
How can I recover money or protect accounts after this scam?: Immediately block your UPI services with your bank and change your security details. Monitor your account for signs of unauthorized access.

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.