UPI Safety Tips: If you use UPI payments or net banking, you need to be wary of banking-related scams. Recently, a new malware called “Digital Lutera” was discovered, which can steal money from your UPI account. This malware doesn’t rely on calling or messaging to scam you, instead directly gaining access to your Android phone. Let’s learn what this malware is and how to prevent it.
What is “Digital Lutera”?
Gadgets360 first reported on this malware. It doesn’t work like traditional scams, where scammers hack into a user’s account by sending a link via a call or message. It’s a different type of fraud toolkit that can bypass UPI bank account and SMS-based OTP verification. This malware enters a user’s device through APK files and then performs its work upon receiving permission.
How this malware works
This malware is being distributed through APK files. As soon as a user downloads the infected APK file, it will be installed on their device. During installation, this APK file will ask for permission to write and read SMS. Once this permission is granted, the malware begins its work. While in the background, it silently monitors bank verification messages, allowing the hackers controlling the malware to breach users’ accounts.
NPCI issues clarification
NPCI (National Payments Corporation of India), which operates the UPI platform, has issued clarification on this matter. NPCI says that reports of this malware have been analyzed and adequate measures have been put in place within UPI to protect users from such risks.
How to avoid such scams?
- If you use an Android phone, download apps only from trusted sources like the Google Play Store.
- If someone sends you a link via message asking you to download an APK file, refuse. Never download apps from such links.
- Keep Google Play Protect turned on on your phone and keep your phone’s software updated.
