How to safeguard bank account against fraudulent access via UPI using AnyDesk

Must Read

How to choose an effective DDoS mitigation plan

There are several flavours from which to choose when selecting an effective DDoS mitigation strategy. Most enterprises opt for one of the cloud protection flavours (always-on or on-demand)

How tech bolster security of online gaming platforms

The rise of and is evident throughout the world’s financial capitals with the UK, US, and a few other European nations at the forefront

Explained: The evolving nature of cybersecurity threats

Concerns such as hacking and the presence of computer viruses have existed for decades in one form or another. As technology evolved over the years, so did the cybersecurity  threats themselves.

One of the recent techniques involves a fraudster taking unauthorized access of a victim’s mobile device to carry out fraudulent transactions via using the App. You may receive a phone call from a fraudster, who will claim to be a representative from a tech company or bank offering to fix issues in your smartphone or mobile banking apps. The fraudster will then lure you to download a mobile app like ‘’ from Play store or App Store, which can provide him with remote access to your mobile.

Post the installation of the app (in this case ‘AnyDesk’), a 9-digit code will be generated, which the fraudster will ask you to share. Then the fraudster will further ask you to grant him certain permissions. Once granted, fraudster is now in control of your mobile device. Further, mobile banking credentials and PIN are vished (stolen) from you and the fraudster can now choose to carry out financial transactions from your mobile app which was already installed.

Fraudulent access via UPI using AnyDesk App

They also forward one SMS to you and advise you to forward it to a specific mobile number from your phone. On the basis of this, the fraudster is able to link or register your mobile number or account with UPI on his own mobile device. The fraudster subsequently seeks confidential account related credentials like Debit Card number, PIN, expiry date, OTP and sets the MPIN which is then used to authenticate transactions.

In few instances they could also send “Collect request” to your VPA and ask you to approve or authenticate it on the respective UPI apps to get reversal, refunds. Assuming that you will get credit or refund in your account, you approve the request by authenticating the transaction with MPIN which is only known to you but you might end up losing money since your account gets debited once the collect request is approved or authenticated.

Be alert and follow the Dos & Don’ts listed below


Be alert to fraudulent calls (vishing) that ask you to download apps or share confidential information (disconnect such calls immediately). In case you have already downloaded “AnyDesk” app and it is no longer required, uninstall it immediately. Enable app-lock on your payment or mobile banking related apps. Report any suspicious activity at your nearest Bank Branch or genuine customer care number only


Do not share your banking passwords or store them in your mobile handset. Do not share your other sensitive financial details on call such as UPI PIN, MPIN, Debit, Credit Card, CVV, expiry date, OTP, ATM PIN, bank account details, etc.

Don’t allow a stranger to guide you to install a mobile app through App Store, Play store, or instruct you to change a setting of your mobile. Do not rely on customer service numbers of various merchants, entities, banks among others retrieved via Google search, since they can be fake. Do not forward any unsolicited SMS received on a request of so called representative from a tech company or bank.

The author is  Executive Vice President & CISO

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

Leave a Reply

*The moderation of comments is automated and not cleared manually by Embedding of any link and use of abusive or unparliamentary language are prohibited.
- Advertisement -

Latest in TECH

Sapience Analytics signs distribution agreement with Redington

Sapience Analytics and Redington said that they have entered into a distribution agreement where latter will resell the Sapience Vue solution through its network of over 30,000 channel partners, system integrators, and value-added resellers countrywide.
- Advertisement -SAP Hana

Related Articles