Experts warn of rising phishing, UPI and remote access scams targeting digital banking users

0
37
Growing digital banking adoption drives surge in phishing and UPI fraud across India. Image credit: Mint
Growing digital banking adoption drives surge in phishing and UPI fraud across India. Image credit: Mint

As digital banking, UPI payments, mobile banking and online investment services continue to expand across India, experts are warning about a sharp rise in cyber-enabled financial fraud.

While banks are strengthening their security systems, cybercriminals are increasingly relying on social engineering tactics, making customer awareness one of the most effective defences against online banking fraud.

Phishing remains one of the most common threats. Fraudsters impersonate banks through emails, SMS, WhatsApp messages or phone calls, asking customers to verify accounts, update KYC details or complete security checks. Victims who click malicious links or share OTPs, passwords or card details unknowingly give criminals access to their bank accounts.

UPI-related fraud has also increased as the payment system continues to grow. India now processes more than 130 billion UPI transactions annually. Government data presented in the Lok Sabha recorded 13.42 lakh UPI fraud cases involving ₹1,087 crore during FY2023-24, nearly double the previous year’s figure. The Reserve Bank of India (RBI) also reported 18 lakh fake collect requests during the 1st quarter of 2026. Fraudsters often send fake “Collect Requests” disguised as incoming payments, tricking users into entering their UPI PIN, which is required only to approve outgoing payments. A LocalCircles survey found that around 1 in 5 UPI users has experienced fraud, while more than 50% of victims never reported the incident.

Remote access scams continue to be another major concern. Criminals convince victims to install applications such as AnyDesk or TeamViewer by claiming to resolve banking issues. Once access is granted, fraudsters can view the victim’s screen, monitor sensitive information and carry out fraudulent transactions. Banks and authorised financial institutions do not normally ask customers to install such applications for routine support.

Cybercriminals also operate fake customer care services and fraudulent investment schemes that promise unrealistic or guaranteed returns. National cybercrime reports have risen from more than 10.29 lakh cases in 2022 to nearly 28 lakh in 2025, highlighting the growing scale of digital fraud.

Prof. Triveni Singh, former IPS officer and cybercrime expert, advised users never to share OTPs, UPI PINs, internet banking passwords or CVV numbers. He also recommended downloading apps only from official stores, keeping devices updated, enabling transaction alerts, and avoiding suspicious links, QR codes and screen-sharing requests.

Experts further advise anyone noticing suspicious account activity to immediately contact their bank and report the incident through the National Cyber Crime Helpline 1930 or the National Cyber Crime Reporting Portal, as prompt reporting improves the chances of blocking or recovering stolen funds.

Also read: Viksit Workforce for a Viksit Bharat

Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter

About us:

The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.