Lucknow Woman Loses Lakhs as Scammers Gain Mobile Control Through ‘Three Dots’ Trick

The420.in Staff
4 Min Read

Lucknow: Cyber criminals have adopted a new method of online fraud, allegedly siphoning off ₹3.05 lakh from a woman’s bank account in Lucknow. The incident is suspected to be linked to a “remote device takeover fraud”, where scammers gain control of a victim’s mobile phone and access banking applications, OTPs and sensitive financial information.

According to police, a woman living in the Krishna Nagar area of Lucknow has lodged a complaint regarding the cyber fraud. The victim told investigators that she had placed an order for shoes on an e-commerce platform. On June 26, she received a call from an unknown person who introduced himself as a customer support executive and claimed that her order had been cancelled. The caller allegedly assured her that a refund would be credited to her bank account.

The accused allegedly convinced the woman to follow certain instructions on her mobile phone in the name of completing the refund process. At the time of the call, the woman’s mobile device was being used by her child. The caller reportedly instructed the child to tap certain options appearing on the screen, including the “three dots” menu. Believing the process to be genuine, the child followed the instructions.

India’s Largest Cybercrime Conference Nears: FutureCrime Summit 2026 Set for 6–7 August at Bharat Mandapam

Soon after, when the woman checked her bank account, she found that ₹3.05 lakh had been withdrawn. No refund amount was credited to her account. Following this, she approached the police and lodged a complaint.

Investigators suspect that the cyber criminals used techniques such as screen sharing, accessibility permissions or other device access features to gain remote control of the mobile phone. In such frauds, criminals do not necessarily hack the device directly; instead, they manipulate victims into granting permissions that allow remote access.

In remote device takeover fraud, once criminals gain control of a smartphone or computer, they can access banking applications, monitor transactions, view OTP messages, steal passwords and obtain other confidential information. In several cases, fraudsters carry out financial transactions while the victim remains unaware that the device has been compromised.

Cyber security experts said this method is different from conventional malware-based attacks. In these cases, criminals combine technical tools with social engineering tactics. They often impersonate bank officials, e-commerce company representatives, technical support executives or government employees to gain the trust of victims.

Experts have warned people against installing screen-sharing applications or approving unknown permission requests on their devices at the direction of strangers. Any call related to refunds, account verification or customer support should be independently verified through official company channels.

Cyber security professionals advised users to regularly review mobile application permissions and remove unnecessary access granted to unknown apps. Permissions related to accessibility services, screen recording and remote control can create serious security risks if misused.

Renowned cyber crime expert and former IPS officer Prof. Triveni Singh said that remote access-based frauds primarily exploit human behaviour rather than only technical vulnerabilities. He advised people not to blindly follow instructions received over phone calls and never share banking details, OTPs, PINs or device access with unknown persons.

He added that as digital transactions continue to expand, cyber criminals are constantly developing new techniques. Awareness and caution remain the strongest safeguards against such frauds. Immediate reporting to banks and cyber crime authorities after noticing suspicious activity can help reduce financial losses and improve the chances of recovery.

Stay Connected