india employmentnews

Hit enter to search or ESC to close.

Credit & Debit Card Users Alert: Fraud Happening Without OTP, APK Links Can Empty Your Bank Account

By Siddhi Jain | Jan 13, 2026, 16:58 IST
S

Cyber fraud in India is taking a dangerous new turn. In a worrying trend, money is being stolen from credit and debit cards without users sharing any OTP, leaving victims shocked and confused. Recent cases reported from Visakhapatnam have revealed how fraudsters are exploiting APK files, fake links, and weak digital security systems to drain bank accounts silently. Experts warn that such scams are rising rapidly, especially during festive seasons.

New Cyber Scam Raises_toggle Concerns Nationwide

Traditionally, OTP-based authentication has been considered a strong safety layer for card transactions. However, cybercriminals have now found ways to bypass OTP protection entirely. Victims neither approved any transaction nor shared sensitive details, yet money was deducted from their accounts.

According to police reports, several victims only realized something was wrong after receiving their bank statements or credit card bills. By then, the money had already vanished, making recovery difficult and time-consuming.

Authorities have described this as a new and highly dangerous fraud method, urging card users to remain extra cautious.

Over 20 Cases Reported, Losses Cross ₹10 Lakh

As per media reports, more than 20 such fraud cases have been registered in Visakhapatnam in recent weeks alone. The combined financial loss has exceeded ₹10 lakh, highlighting the seriousness of the threat.

In one case, a defense personnel found ₹75,000 spent on his card, despite never sharing his OTP with anyone. In another instance, a user received a credit card bill of over ₹1 lakh, even though they had not used their card at all during that period.

These incidents clearly show that cybercriminals no longer rely only on social engineering calls or OTP scams—they are now using advanced technical methods.

APK Files: The Hidden Weapon Used by Fraudsters

Cybercrime officials say that downloading APK files from unknown sources is one of the biggest reasons behind this fraud. An APK file is an Android application package that can be installed outside official app stores.

Once installed, a malicious APK app can:

  • Access SMS messages and notifications

  • Read OTPs and banking alerts silently

  • Track card activity and personal data

  • Allow fraudsters to initiate transactions remotely

In many cases, users are unaware that such access has been granted. As a result, criminals can withdraw money without triggering immediate suspicion.

Police have strongly advised people to avoid downloading apps from links sent via SMS, WhatsApp, email, or social media, especially if they promise rewards or urgent updates.

Contactless Cards and Weak Security Add to the Risk

Cyber experts have also pointed out that weak security features in some cards are making fraud easier. Not all cards follow strong two-factor authentication for every transaction. Additionally, the growing use of contactless (tap-and-pay) cards has increased risk when limits and controls are not properly set.

Fraudsters are also circulating fake UPI links, which redirect users to malicious platforms designed to steal financial data. These scams tend to spike during festivals, sales events, and holiday seasons, when people are more likely to click on promotional offers.

Fake Rewards and Cashback Offers Trap Users

One of the most common traps involves fake cashback offers, reward points, or credit limit increase messages. Fraudsters often pose as bank officials and contact users through calls or messages.

The moment a user:

  • Clicks on a suspicious link

  • Downloads an unknown app

  • Enters basic details

their phone and banking data can be compromised.

Police and banks have repeatedly warned that no genuine bank asks customers to download apps or click links for rewards or KYC updates.

How to Protect Yourself from APK and Card Fraud

To stay safe:

  • Never download apps outside Google Play Store or Apple App Store

  • Do not click on unknown links, even if they look official

  • Keep card transaction alerts and limits enabled

  • Disable contactless payments if not needed

  • Immediately report suspicious activity to your bank and cybercrime helpline

Final Word

Cyber fraud methods are evolving fast, and OTP alone is no longer a guarantee of safety. Staying alert, avoiding unknown APK files, and following basic digital hygiene are now essential to protect your money. One careless click can cost you your entire bank balance—so caution is your strongest defense.

Around The Web

You May Also Like

Trending