Digital payments have become near ubiquitous in India, with UPI clocking an average of 628 million transactions per day in July 2025. That kind of volume amounts to a quite staggering 48.5% of global real-time payments in FY 2025. While digital payments have exponentially increased business opportunities for citizens across the country due to its fast, seamless nature, it has also opened the door for hackers & scammers to try & take advantage – evidenced by the recent fake app scam involving UTI Asset Management Company.
What happened in the recent UTI Fake App Scam?
Recently, UTI issued an investor alert explicitly warning that there are fake mobile apps out there impersonating its official app – designed to mislead users & solicit unauthorized bank transfers or investments. UTI AMC, one of the leading asset management companies in India, observed that some groups, handles & mobile apps not affiliated with the brand have been soliciting bank transfers, mainly for transactions related to mutual funds.
The alert explicitly urges investors to avoid non-official links & report any kind of suspicious activity.
How did scammers plan & promote this attack?
Attackers planned this particular scam using a multi-phased social engineering method designed to trick users into downloading a malicious, non-official APK – the starting point from where they wreak total havoc:
Is this incident indicative of a wider problem?
The scam in question has already done lots of damage – in particular, one person prompted by a WhatsApp group to download the fake UTI AMC trading app ended up depositing over ₹50 lakh to scammer accounts, only to be coerced for more after false promises of huge returns. Similar stories are sadly being seen across all corners of the country, with unwitting citizens being robbed of their savings through these tactics.
In fact, recent trends indicate that these app scams are becoming a macro-level problem for India:
- Multiple advisories in 2024-25 warn of fake apps (including AI apps) & massive credential exposures that supercharge phishing & account takeovers.
- UPI frauds alone cost Indians over Rs. 1,087 crores in India.
- Google’s recently-launched Play Protect pilot has already blocked nearly 60 million attempts to install high-risk apps on Android devices across the country.
- WhatsApp, as part of a proactive crackdown against AI-assisted financial scams, banned over 6.8 million accounts linked to fraud networks in the first half of 2025 alone.
What are some of the common tactics scammers use in today’s landscape?
Due to the emergence of malicious AI, scammers around the country can now incorporate advanced tactics to try and commit fraud with your money. Here are 3 common tactics they use in today’s landscape:
- APK Scams: Similar to the tactics incorporated in the aforementioned UTI scam, this type of scam follows a similar template – victims get a service request or update link that compels them to download a malicious APK. Once they download it, the APK requests invasive permissions that allow them to intercept OTPs, read notifications & run overlays to capture credentials.
- Fake Trading & Investing Apps & Groups: In this tactic, scammers build trust in WhatsApp & Telegram groups by showing fake P&L screenshots and other fabricated financial material to build trust. Then, scammers direct victims to deposit into their accounts usually through a counterfeit app – with withdrawals blocked unless more fees are paid.
- Government-Lookalike WhatsApp Attacks: There has been a recent emergence of eChallan/mParivahan clones sent via WhatsApp to grab customer data & enable account takeovers through the guise of fine collection. As a result, officials have had to stress that fines are only paid through official portals and not through social media platforms like WhatsApp.
How can you stay vigilant against this ever-present threat?
The first rule seems simple enough: if something seems off, that’s because it most probably is. Beyond that, here are some platform-specific practical tips for you to stay safe from these kinds of scams:
If you have any further queries on how to safeguard yourself against these scams, click here to speak to an iValue security expert today.
