Delhi woman loses ₹47 lakh in KYC Scam via WhatsApp call: How to stay safe?

If you ever suspect fraud, report it immediately to your bank, the Cyber Crime Helpline, or through the National Cyber Crime Reporting Portal (www.cybercrime.gov.in)

A recent cyber fraud incident in Delhi has highlighted the growing threat of online scams, particularly those involving fake Know Your Customer (KYC) verification processes. Renu Vishwanath, a 59-year-old retired headmistress, lost her savings of Rs 47 lakh after falling victim to a meticulously orchestrated scam that began with a WhatsApp message.

 

“No Bank will ever ask any customer to verify KYC through WhatsApp or download external APK files. Cyber criminals often create an urgency to trick any user to extract personal information. With banks, the KYC verifications can be done through banking apps or websites. One needs to protect themselves from such scams. They should avoid clicking suspicious links and never download apps or share OTP. Users should verify the source and maintain a two-way verification to avoid being succumbed to such frauds to protect themselves,” said Alay Razvi, managing partner, Accord Juris.

 

 

Meghna Mishra, senior partner at Karanjawala & Co. explains the case

 

The fraudster sent her a message on WhatsApp stating that KYC (Know Your Customer) is pending. After the message, she also received a call from the fraudster impersonating himself as a bank employee and insisted that she complete the KYC process and guided her through the process while she was on call.

 

The fraudster sent another WhatsApp message containing a link to an APK (Android Package Kit) file, which she was instructed to download. Unfortunately, the file contained malware, which gave the fraudsters remote access to her banking details, allowing them to wipe out her savings.

 

How to stay safe?

  “To stay unharmed, people must exercise caution, be a little more tech-friendly and avoid downloading unknown APK files sent via WhatsApp, email, or SMS. Banks do not request KYC verification through WhatsApp, and any such message should be treated as a red flag. Additionally, unsolicited calls from individuals claiming to be customer service representatives should be ignored, and any KYC updates should only be completed through official bank channels only. Another common scam tactic involves sending links disguised as wedding invitations, courier tracking messages, or urgent banking alerts—these should never be clicked. If anyone suspects any fraudulent activity, they must report it immediately on the National Cybercrime Reporting Portal (www.cybercrime.gov.in) or by calling 1930,” said Kartikay Trivedi, associate, SKV Law Offices.

 

“While caller tune advisories have been used to warn the public of these fraudulent activities, they have turned out to be in vain. The government must expand its awareness campaigns through Public Service Announcements (PSAs), awareness booths and workshops, that specifically address emerging scam tactics, such as fake KYC requests and malware-laden links. Awareness through television, social media, and digital platforms is essential to ensure people recognise and avoid such threats,” Trivedi said.