What to do if I shared my OTP in a UPI scam?

Immediately call your bank's helpline and report the incident. You should also report it at 1930 and visit cybercrime.gov.in.

How can I identify this specific scam?

Be wary of unsolicited calls claiming to be from banks, especially those asking you to install remote access apps.

How do I report this type of scam in India?

Report it at 1930 or through cybercrime.gov.in, and inform your bank about the fraudulent activity.

What are the recovery steps if I fall victim to this scam?

Contact your bank immediately to freeze your account, file a police report, and track your transactions.

Remote Screen-Share OTP Fraud via Customer Care Calls

Verdict: Suspicious | Risk Score: 10/10 | Severity: critical

Category: UPI, KYC, Phishing

How Remote Screen-Share OTP Fraud via Customer Care Calls Works

Overview: A growing fraud trend in India involves scammers posing as bank customer care agents, tricking UPI users into installing remote control apps like AnyDesk or TeamViewer. Under the guise of 'resolving UPI issues,' fraudsters gain screen access, intercept OTPs, and drain bank accounts. This scam targets all digitally active Indians, with senior citizens and those unfamiliar with technology at particular risk. The losses can be staggering, and recovery is tough. How It Works: You might receive an unexpected phone call from someone claiming to be from 'XYZ Bank’s customer support.' They warn you that your UPI or bank account is 'blocked due to suspicious activity' or that 'your KYC needs updating.' When you express concern, the caller sounds reassuring and walks you through installing a remote access app on your phone. Once you grant access, the scammer asks you to log into your UPI app or bank app and read out an OTP 'to verify your identity.' Watching your screen, the fraudster completes unauthorized transactions, leveraging OTPs and PINs you unknowingly share. Funds are instantly moved out, often split into multiple small withdrawals or routed to mule accounts. India Angle: This scam method specifically targets Indian app users—Paytm, Google Pay, PhonePe, and netbanking are all at risk. Seniors, homemakers, and small business owners are particularly vulnerable because they may be less familiar with digital security. Most calls are made in Hindi, English, and regional dialects, and the deception often involves city names like Mumbai, Noida, or Hyderabad to sound authentic. The technique is spreading from metro cities to towns nationwide. Real Examples: 1. 'Good morning sir, I am calling from SBI customer care. There is a temporary block on your UPI—please install the AnyDesk app so I can assist.' 2. 'Your UPI security upgrade is pending. Kindly open Play Store, install TeamViewer, and share your 9-digit code.' Red Flags: - Unsolicited calls about bank account or UPI blocks - Requests to install any remote access app on your mobile - Callers insisting on seeing your screen or OTP - High-pressure tactics (“do this now or funds will be frozen”) Protective Measures: - Hang up immediately if asked to install screen-sharing apps - Never share your screen or device with anyone claiming to be from a bank - Double-check with your bank through the official website/app or branch if contacted about issues - Do not share OTPs, PINs, or login details under any circumstances If Victimised: - Uninstall the remote access app right away - Call the bank or freeze UPI transactions through the app’s hotline - Dial national helpline 1930 and report on cybercrime.gov.in - Change all UPI and bank passwords immediately and inform your local police station Related Scams: - Fraud calls asking for ‘KYC upgrade’ via screen-sharing - Fake tech support or gadget servicing scams using remote login - Phishing attempts to ‘unlock’ digital wallets using similar remote access

How This Scam Works — Detailed Explanation

Scammers identify potential victims by targeting individuals who frequently use digital payment platforms like UPI. They often scour social media platforms such as Facebook and WhatsApp, looking for discussions about account issues or offering services that require UPI transactions. Once they spot someone who could be a target, they spoof the bank's customer care number and initiate a call, posing as a bank agent. The scammers usually make their pitch sound pressing, stating urgent issues like 'suspicious transactions' or 'technical errors' in the user’s UPI account, which immediately captures attention.

The tactics used by these fraudsters are meticulously crafted to instill fear and urgency in their victims. They may sound professional and knowledgeable, often using banking terminologies to build trust. By claiming that they need to 'remotely access' the user’s device to fix the issue, they persuade users to download remote control software like AnyDesk or TeamViewer. This creates an illusion of legitimacy, making the victim feel that they are actually receiving help. Psychological tricks such as creating a fake sense of authority can manipulate the victim into complying. To further pressurize the victim, they often threaten that failure to act decisively will lead to immediate restrictions on their banking services. The victims’ anxiety is heightened by their genuine fear of potential financial loss.

Once the victim has downloaded the software and granted screen access to the scammer, the next phase unfolds. The scammer instructs the victim to log into their banking application or UPI service while they are still controlling the victim’s device. As part of this coercive process, the fraudster will watch the victim enter their details in real time, intercepting OTPs sent during transactions. For instance, a recent case in Maharashtra saw a senior citizen lose ₹8 lakh in minutes through this kind of fraud. By using the information obtained during the screen-sharing session, scammers can swiftly execute unauthorized transactions. Many victims end up discovering the fraud only after significant amounts have been siphoned from their accounts, often leaving them helpless and bewildered.

The impact of this scam is grim, particularly in India, where digital transactions have skyrocketed. The Ministry of Home Affairs (MHA) reported an alarming rise in UPI-related scams, with losses amounting to ₹700 crore in the last financial year alone. According to CERT-In advisories, scams where fraudulent tapping into people’s UPI accounts via screen sharing have caused not just financial hardships but emotional distress among victims, often leading to mental health struggles. Given the rapid digitization in India, especially among seniors who may not be tech-savvy, this scam poses a critical threat that demands immediate attention.

Spotting the difference between a legitimate call and the scam is vital for protection. Legitimate customer care calls will never ask you to download any software to assist with your banking concerns. Also, they will never demand your OTP or PIN or threaten to freeze your account. If you receive an unsolicited call about your UPI account, it's best to hang up and call the official customer service number of your bank immediately to verify the claim. Always remember, a genuine representative will respect your privacy and will not push you into taking actions under pressure.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Remote Screen-Share OTP Fraud via Customer Care Calls Target?

General public across India

Red Flags — How to Identify Remote Screen-Share OTP Fraud via Customer Care Calls

Unsolicited customer care call about UPI or account issues
Request to install AnyDesk, TeamViewer, or similar apps
Caller asks to view your mobile screen
Demands for sharing OTPs, PINs, or passwords
Threat of immediate account or fund freeze

What To Do If You Encounter Remote Screen-Share OTP Fraud via Customer Care Calls

Report the scam immediately at 1930 or visit cybercrime.gov.in for assistance.
Contact your bank's helpline immediately: SBI at 1800-11-1109 or HDFC at 1800-202-6161.
Change your UPI PIN and banking passwords without delay to secure your accounts.
Monitor your bank statements closely for unauthorized transactions.
Educate family members, particularly seniors, about this scam to prevent further victimization.
Seek help from local law enforcement if you've lost significant amounts of money.

How to Report Remote Screen-Share OTP Fraud via Customer Care Calls in India

Call 1930 — National Cyber Crime Helpline (24x7)
File a complaint at cybercrime.gov.in
Contact your bank immediately if money was lost
Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my OTP in a UPI scam?: Immediately call your bank's helpline and report the incident. You should also report it at 1930 and visit cybercrime.gov.in.
How can I identify this specific scam?: Be wary of unsolicited calls claiming to be from banks, especially those asking you to install remote access apps.
How do I report this type of scam in India?: Report it at 1930 or through cybercrime.gov.in, and inform your bank about the fraudulent activity.
What are the recovery steps if I fall victim to this scam?: Contact your bank immediately to freeze your account, file a police report, and track your transactions.

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.