⚠ Fraud AlertUnofficial Fan SiteUpdated March 25, 2026

Protect Yourself from Bank Fraud: Fake Calls, Malicious APKs, and KYC Scams

Indian consumers lost ₹22,845 crore to cyber fraud in 2024 — a 206% jump in a single year. The tactics are getting sharper: callers who know your name and last transaction, fake apps that look identical to the real thing, and urgency that is engineered to override your better judgment. Here is what you need to know.

1930
National Cyber Fraud Helpline
Call immediately if you have been scammed. Available 24×7, free from any network. The faster you call, the higher the chance of freezing a fraudulent transaction.
Also report online at cybercrime.gov.in ↗

The Numbers Are Alarming

Cyber fraud in India has not just grown — it has exploded. Between 2021 and 2024, reported incidents rose nearly 500%. Investment scams, fake app downloads, and impersonation calls now account for the bulk of cases. The data below is from Ministry of Home Affairs (MHA) and Biocatch reports.

₹22,845 Cr
Lost to cyber fraud in 2024
Source: MHA
25 Lakh+
Cases reported in 2025
24% spike YoY
500%
Rise in cybercrime since 2021
10L → 50L+ cases
1930
National cyber helpline
24×7 · Free

Year-on-Year Growth in Cyber Fraud Cases

YearCases ReportedScaleFinancial Loss
2021~4.5 Lakh
~₹1,200 Cr
2022~10.3 Lakh
~₹5,000 Cr
2023~15.5 Lakh
~₹7,500 Cr
2024~22.7 Lakh
₹22,811 Cr
2025~25+ Lakh
₹22,845 Cr+

The Five Scams Targeting Bank & Credit Card Users Right Now

Fraudsters do not usually invent new tactics — they refine old ones. These five patterns are the most active in India right now, reported consistently in the context of credit card, UPI, and fintech accounts.

📞
Fake Bank Support Calls (Vishing)

You receive a call from someone who sounds professional, knows your name, and may even quote your last transaction. They claim your account is compromised, your card is being blocked, or your KYC is expiring. The urgency is deliberate. They ask for your OTP, CVV, or card number to "verify" or "unblock" your account. The moment you share it, your account is drained.

Most Common
📲
Malicious Banking APK Downloads

You get a WhatsApp message or SMS with a link to download a "bank rewards app", "KYC update app", or a fake version of your bank's official app. The APK looks convincing — it may even mimic your bank's UI exactly. Once installed, it requests permissions for SMS, contacts, and screen access, then silently forwards your OTPs to scammers who authorise transactions without you knowing.

Growing Fast
🪪
KYC Expiry Fraud

A message or call tells you your KYC has not been updated and your account will be frozen within 24 hours. You are asked to share Aadhaar details, PAN, or to install an app. This is a particularly effective scam because RBI has been pushing KYC compliance, so it sounds legitimate. Real banks and RBI will never threaten you with account closure over a call or WhatsApp message.

Targets New Users
🔗
UPI & QR Code Scams

Scammers send UPI payment requests disguised as "refund initiations" or share QR codes claiming you need to scan to receive money. In UPI, scanning a QR code and entering your PIN means you are paying, not receiving. Fraudsters bank on this confusion. They also send phishing links via SMS that open fake bank portals to harvest your net banking credentials.

High Volume
🔥
Fake Gas & Utility Booking APKs (MNGL, IGL, HP Gas)

Fraudsters create fake apps impersonating MNGL, MGL, IGL, Indane, HP Gas, and other piped gas or cylinder booking services. Circulated via WhatsApp, these APKs mimic official branding and ask users to "book a slot" or "update subsidy details." Once installed, they steal net banking credentials, UPI PINs, and even enable real-time screen access. Some request advance payment for a "technician visit" that never happens.

Rapidly Spreading

Red Flags — Hang Up or Delete Immediately

These are the warning signs that what you are experiencing is a scam. Scammers are trained to sound calm and authoritative. Trust the flag, not the voice.

🚩 Instant Warning Signs
!
Anyone asks for your OTP, CVV, card number, or net banking password — over call, SMS, or WhatsApp
!
You receive an APK file or download link via WhatsApp, SMS, or email to update any financial app
!
A caller creates urgency: "your account will be blocked in 2 hours", "you must act now"
!
You are asked to install a screen-sharing or remote-access app like AnyDesk or TeamViewer
!
A caller claims to be from RBI, TRAI, police, or ED, and asks for payment to avoid arrest
!
You receive a QR code and are told scanning it will credit money to your account
!
Any message with a shortened URL (bit.ly, tinyurl) leading to an app download
!
An offer that requires you to share your card details to claim cashback or rewards
!
Any APK for a gas utility (MNGL, IGL, MGL, HP Gas, Indane) received on WhatsApp or SMS

What Your Bank Will Never Ask You

Print this out. Save a screenshot. No legitimate bank, credit card company, or government body will ever, under any circumstance, ask for the following:

Your full card number
Your CVV (3-digit code on the back)
Any OTP sent to your phone
Your net banking password
Your Aadhaar or PAN number
To download any APK file
To install AnyDesk or any remote app
Payment to prevent account block
Important

If you are unsure whether a call is real, hang up and call your bank directly through its official app or the number on the back of your card. Do not call back any number the caller gives you — it will connect you to the same scammer.

Check Any APK Before You Install It — Free

If someone has sent you an APK file or you are unsure about an app you downloaded outside the Play Store, check it here. Type the APK file name below — or the file hash (MD5 or SHA256) if you have it — and we will run it through VirusTotal, which scans using 70+ antivirus engines simultaneously. Results open in a new tab.

Powered by VirusTotal (a Google company) · 70+ antivirus engines · Free · Opens in a new tab

The Safest Rule

Only install apps from the official Google Play Store or Apple App Store. Every legitimate bank, utility, and financial app is listed there. If you received a download link from WhatsApp, SMS, email, or any website — do not install it, regardless of how official it looks.

If You Have Already Been Scammed — Act Fast

Time is critical. Most banks and payment systems can freeze or reverse fraudulent transactions if notified within hours. Every minute of delay reduces the chance of recovery.

1
Call 1930 immediatelyIndia's national cyber fraud helpline. Available 24×7. They can coordinate with banks to freeze money before it moves. Have your transaction details ready.
2
Block your card instantlyOpen your bank's official app and block your card immediately. You can re-enable it later if needed. Do this before anything else if your card or account details were shared.
3
File a complaint at cybercrime.gov.inRegister formally online. This creates a legal record which is required for bank escalation and insurance claims. Take screenshots of any messages you received.
4
Raise a dispute with your bankContact your bank directly and raise a fraud transaction dispute. Quote your cybercrime complaint number. Banks are required to have a specific chargeback process for fraud cases.
5
Change all passwordsIf you shared net banking credentials, change them immediately. Also change your email password if the same password was used elsewhere. Enable 2FA on your email and banking apps.
6
Uninstall any suspicious appIf you installed an APK from an unknown source, uninstall it immediately and run a scan using Google Play Protect (Play Store → Profile → Play Protect).
Know Your Rights

Under RBI guidelines, if you report an unauthorised transaction within 3 working days and the fraud was not due to your negligence, your liability is limited or nil. Banks are required to acknowledge your complaint within 30 days. If they do not, you can escalate to the RBI Complaint Management System.

Frequently Asked Questions

Will my bank ever call me and ask for my OTP or CVV?

No. No legitimate bank, credit card company, or financial institution will ever call you and ask for your OTP, CVV, card number, or password. If anyone calls claiming to be bank support and asks for any of this, hang up immediately — it is a scam.

I received a WhatsApp message with an APK to update my bank or gas app. Is it real?

No. Banks, gas companies, and financial services never distribute app updates via WhatsApp, SMS, or any messaging platform. All updates come through the official Google Play Store or Apple App Store only. Delete the message and do not open the link.

How do I check if an APK file is safe to install?

Use the free checker above (powered by VirusTotal). Type the APK name and it will scan using 70+ antivirus engines. As a rule, only install apps from the official Play Store.

The caller knew my name and last transaction amount. Does that mean the call is real?

No. Scammers purchase leaked data from the dark web or through data breaches. Knowing basic personal information does not validate a caller's identity. Always hang up and contact your bank directly through the official app.

What is the national helpline for cyber fraud in India?

1930 is the national cyber fraud helpline, available 24×7 and free from any network. You can also report online at cybercrime.gov.in.

I got a WhatsApp message about an MNGL / IGL / HP Gas app for booking or subsidy. Is it real?

Almost certainly not. Official gas utility apps are available on the Play Store and are never distributed via WhatsApp. These fake APKs ask for UPI PINs, advance payments, or banking credentials. Delete the message, do not install the APK. If you need the real app, search directly in the Play Store for the official MNGL, IGL, or HP Gas app.

My money was debited after I shared my OTP. Can it be recovered?

Possibly, if you act fast. Call 1930 and ask your bank to freeze the receiving account. Banks can sometimes reverse transactions if reported within hours. File a formal complaint at cybercrime.gov.in as well. Under RBI guidelines, if the fraud was not due to your negligence, your liability may be limited.

Sources & References
1. Cybercrime in India 2025: 24% Spike, ₹22,495 Crore Lost — Insights on India
2. India Sees 500% Increase in Cybercrime Cases from 2021 to 2024 — MediaNama
3. India Nears 25 Lakh Cybercrime Cases in 2025 — BW Disrupt
4. Cybercrime Complaints Cross 19 Lakh in 2024 — DD News (MHA)
5. Indian Fraud Cases Tripled in 2024 — Biocatch
6. Govt Warns Against Fake Banking APK (Union Bank) — Business Standard
7. SBI YONO Fake APK Scam Warning — Business Standard
8. APK Fraud: Rising Cybercrime Threat in India — Ensure IAS
9. APK Fraud Risks & Safeguards — Kotak 811
10. National Cyber Crime Reporting Portal — cybercrime.gov.in (MHA)
11. Ministry of Home Affairs — Lok Sabha Reply on Cybercrime Statistics 2025

This page is published by an independent, unofficial fan site and is not affiliated with OneCard (FPL Technologies Pvt. Ltd.), any partner bank, or any government body. Statistics cited are sourced from MHA, RBI, and reputable media outlets — please verify figures with original sources. This is not legal or financial advice. If you have been defrauded, please contact official authorities.

Was this article helpful?

Found this useful? Share it.

WhatsAppRedditTwitter / X

Still have questions?

Ask our AI assistant — honest answers, including when OneCard isn't the right card.