A new wave of cyber fraud targeting UPI users is rapidly emerging across the country, with screen-sharing scams becoming one of the most dangerous methods. Unlike traditional hacking or phishing attacks, this scam does not rely on malicious links or system breaches. Instead, victims unknowingly grant fraudsters full visibility of their smartphone screens.
How the scam begins
The scam typically starts with a phone call, message, or online interaction. Fraudsters pose as customer support representatives, delivery agents, or online buyers and sellers. They gain the victim’s trust and convince them that a screen-sharing or remote access app must be installed to resolve an issue or provide assistance.
FCRF Academy Launches Premier Anti-Money Laundering Certification Program
At first, the process appears legitimate because such tools are sometimes used in genuine technical support services, which prevents immediate suspicion.
What happens once the screen is shared
Once the user grants screen-sharing permission, the scammer gains real-time access to everything displayed on the device. They can see which apps are opened, what is being typed, and even incoming OTPs and banking notifications.
Although the user believes they still control their phone, the fraudster effectively takes over the decision-making process. The victim is then guided step-by-step—opening UPI apps, completing “verification,” or approving requests.
How the actual fraud is executed
At a crucial point, the user is asked to enter their UPI PIN or approve a transaction. Since the scammer is watching the screen, they apply psychological pressure and urgency, using phrases like “this is just verification” or “the offer will expire soon.”
In reality, the user unknowingly authorizes an actual financial transaction. The UPI system processes it as legitimate because all required authentication steps are completed by the user.
Why this scam is highly effective
The main strength of this scam is its normal appearance. There are no suspicious websites, no fraudulent links, and no direct requests for money. The entire interaction feels like genuine assistance rather than fraud.
This sense of familiarity reduces caution, and by the time suspicion arises, the money has already been transferred.
Why recovering money is difficult
Since the transaction is completed using the user’s own UPI PIN and OTP, banks often classify it as an “authorized payment.” As a result, recovery or refund becomes difficult in many cases.
Complaints can still be filed, but outcomes depend on several technical and legal factors, making recovery uncertain.
Cybersecurity experts’ warning
Cybersecurity experts and research organizations describe this scam as a psychological manipulation technique rather than a technical attack. It exploits trust, urgency, and lack of awareness.
Cybercrime expert and former IPS officer Prof. Triveni Singh has warned that such scams represent a rapidly growing form of social engineering fraud. According to him, “In these cases, criminals do not hack systems. Instead, they manipulate users into compromising their own security. By using screen-sharing, they monitor every action and control the transaction flow in real time.”
How to protect yourself
Experts strongly advise never using screen-sharing or remote access apps for banking or UPI-related activities. No legitimate bank or financial service provider ever asks for full screen access to complete transactions.
If such an app is accidentally installed, it should be removed immediately, and all banking passwords and security settings should be updated without delay.
The screen-sharing scam highlights how cybercrime is shifting away from technical attacks toward exploiting human behavior and trust. Even with strong digital security systems in place, human error remains the weakest link.
Awareness, caution, and informed decision-making are the most effective defenses against such evolving digital frauds.
