Thiruvananthapuram: Kerala Police have issued a high-alert warning to Vivo and iQOO smartphone users over a dangerous new cyber fraud campaign involving fake “OriginOS Update” pop-ups. The scam tricks users into installing malicious software disguised as urgent system updates, ultimately giving cybercriminals full control over mobile devices and enabling theft of sensitive banking data.
According to police, the fraud is being executed in a highly organized manner. Users are shown deceptive notifications claiming that their phone will stop working or face system failure unless an immediate update is installed. Exploiting fear and urgency, victims are pushed into clicking malicious links without verification, leading to silent installation of harmful software on their devices.
One Click Leads to Full Device Takeover
Cybersecurity experts warn that once the malware is installed, attackers gain near-complete control over the infected smartphone. This includes access to the camera, microphone, SMS messages, contacts, storage, and other sensitive data.
Most critically, the malware can target banking applications and financial credentials. It can capture OTPs, passwords, and login details, transmitting them to remote servers controlled by attackers. This allows criminals to carry out unauthorized transactions and drain bank accounts without immediate detection.
FCRF Returns With CDPO, Its Premier Data Protection Certification for Privacy Professionals
Fear-Based Manipulation at the Core
Investigations reveal that fear and confusion are the primary tools used in this scam. Victims are repeatedly shown messages such as “update immediately or your phone will be blocked” or “system security at risk,” creating psychological pressure that discourages verification.
Authorities have clarified that legitimate smartphone manufacturers never distribute system updates through third-party links, pop-ups, or unsolicited messages. Official updates are only available through the device’s built-in settings under the system update section.
How the Cyber Network Operates
Cybercriminals first design fake system notifications that closely resemble genuine alerts. Once the user clicks on the link, a background script or malicious application is downloaded and installed.
The malware then activates silently and begins continuous data theft. In several cases, it can also enable real-time monitoring of user activity, allowing attackers to track behavior and extract sensitive information over time without detection.
Police Safety Advisory
Kerala Police have issued strict guidelines to protect users from such attacks. Users are advised to disable the “Install from Unknown Sources” setting, avoid clicking on suspicious links, and install updates only through official device settings.
Authorities also recommend ignoring unsolicited pop-ups and using trusted mobile security software to detect potential threats. Users are urged to remain cautious and verify all update-related messages before taking action.
What to Do If Infected
If a user accidentally clicks on a malicious link, police advise immediately disconnecting the device from the internet to prevent further data leakage. The phone should then be scanned using reliable security software, and any unknown or suspicious applications should be removed.
Users are also advised to change passwords for banking, email, and social media accounts using a secure device. In case of financial fraud, victims should immediately contact the cybercrime helpline 1930 or file a complaint through the National Cyber Crime Reporting Portal.
Rising Mobile Cyber Threat Landscape
Cyber experts note that attackers are increasingly shifting focus from computers to smartphones, as mobile devices store vast amounts of personal and financial data. Fake updates, phishing links, and malware-based applications have become among the most common cyberattack methods globally.
Expert Opinions
Experts from the Future Crime Research Foundation say such attacks are becoming more organized and technologically advanced. They highlight that cybercriminals are increasingly exploiting “digital trust” as the weakest link in cybersecurity.
Renowned cybercrime expert and former IPS officer Prof. Triveni Singh has warned that attackers are using highly sophisticated social engineering techniques. He noted that fake update scams succeed because users are unable to distinguish between genuine system alerts and fraudulent ones. He further emphasized that once a device is compromised, an individual’s entire digital identity can be at risk.
He stressed that awareness and caution remain the strongest defenses against such evolving cyber threats. Authorities and experts unanimously stress that vigilance is the most effective protection. Verifying every update request, avoiding suspicious links, and promptly reporting fraudulent activity are essential steps to prevent financial loss and safeguard personal data in an increasingly digital world.
