Beware of UPI fraud: Here is why you should never give your phone to strangers for a ‘quick call’

What was a routine bank visit for 59-year-old Surender Kumar turned out to be a scene right out of a horror film when the senior employee of the President’s Estate discovered that a staggering ₹24.40 lakh had disappeared from his spouse’s and his accounts.

This amount, which the couple had saved up over the years, was transferred out through UPI, their bank revealed. The kicker? Neither Kumar nor his wife had ever used payment apps on their phones.

Further investigations by the New Delhi Police revealed that Kumar’s seemingly friendly younger colleague, another government employee posted in the President’s Estate, was behind this fraud.

Earlier this week, New Delhi Deputy Commissioner of Police Devesh Mahla revealed that 27-year-old Prakash Singh, who feigned friendship with the victim, “used his proximity… to access his mobile phone under various pretexts frequently.”

The accused took advantage of Kumar’s unfamiliarity with digital apps and allegedly installed a mobile payment application on his phone. He then “quietly linked it to his bank accounts,” added the deputy commissioner.

In the three months that followed, Singh allegedly “borrowed” Kumar’s smartphone under different pretexts, transferring ₹1 lakh at a time, siphoning off a total of ₹24.40 lakh from the accounts.

The accused would then delete transaction messages and uninstall the app before returning the phone to the victim to cover up his activities, alleged the New Delhi Police.

Singh apparently transferred most of the funds to Sanjay Chakraborty, who is said to have laundered the funds after receiving them.

The other accused, identified as Sanjay Chakraborty, was apprehended from Kolkata for aiding the fraud by receiving and laundering some of the stolen funds. The money was routed through various accounts, while Chakraborty retained a portion of it as a commission, according to the police.

Mahla alleged that Singh used the defrauded funds to clear debts, acquire gadgets such as two smartphones and a laptop, buy a motorbike, spend on mobile gaming, and go on vacations and shopping runs.

The police are still searching for other co-conspirators involved in the laundering, but what happened to Kumar is not an isolated incident.

Earlier this year, fintech major Zerodha warned its users about handing one’s phone to a stranger. Under the pretext of “just one call”, a potential scammer could defraud you off of “your entire savings,” they said.

“From intercepting your OTPs to draining your bank accounts, scammers can cause serious damage without you even realising it,” Zerodha posted on X, formerly Twitter.

To avoid falling victim to such ‘quick call traps’, always remember:

Never hand your phone to strangers—but if you do, dial the call yourself and put it on speaker.

Regularly checking your smartphone’s settings to see if a potential scammer enabled call forwarding.

And, of course, never ever share your OTPs with others.

Apart from such scams that involve borrowing your phone, it is prudent to not give remote access to anyone—it is just a digital version of handing over your smartphone. The latest KYC scams seem to be utilising this vulnerability.

On Wednesday, Delhi Police arrested Ajay Kumar Mandal, who allegedly defrauded a Delhi-based woman of ₹8.10 lakh after posing as a bank official. Under the pretext of conducting a KYC verification process, the accused is alleged to have tricked the woman into installing a remote-access application. Then the accused gained control over her phone and transferred funds out of her account, alleged the police.

Business