Beware of Fake DigiLocker Apps Stealing Bank Money

Fake DigiLocker Apps Resurface on Google Play

In the digital era, scams are growing rapidly. Fake DigiLocker applications have once again appeared on the Google Play Store. These apps mimic the official DigiLocker in appearance but are designed to steal users’ banking details, SMS messages, OTPs, and other sensitive information. By using government-like branding and logos, these fraudulent apps easily deceive unsuspecting users.

How the DigiLocker Scam Works

Once a user downloads these fake apps, they immediately request suspicious permissions such as access to SMS, call logs, and screen recording—permissions unnecessary for a simple document storage app. The scammers then ask for Aadhaar, PAN, or phone number verification. After gaining access, they read OTPs, display fake banking pages to the user, and carry out unauthorized fund transfers. Many victims report their money disappearing within minutes or hours of installing these apps. This highlights the importance of vigilance and downloading apps only from official sources.

Identifying and Protecting Yourself from Fake Apps

The genuine DigiLocker app is published by the Government of India under the developer name “National e-Governance Division.” Any variation in the publisher’s name or app details should raise immediate suspicion. Other warning signs include requests for SMS or screen recording permissions, strange developer email addresses, few downloads, and suspicious reviews.

If you have already installed such an app, immediately disconnect from the internet and uninstall the app. Check your bank and UPI apps, change passwords and UPI PINs, and report any unauthorized transactions to your bank and the Cybercrime Portal.

Beware of Fake Permissions

A legitimate document storage app will never require access to SMS, call logs, or screen recording. Scammers exploit these permissions to read OTPs, record banking login details, and steal credentials through fake banking pages. Always scrutinize app permissions carefully and use only official app stores to download applications.

Additional Warnings on Banking Frauds

Banking and cybersecurity experts continuously warn about APK frauds and malware apps. Recently, HDFC Bank issued alerts about APK-related scams. Fraudulent apps downloaded from unofficial sources or even occasionally appearing on Play Store can steal banking credentials, OTPs, and sensitive data. Users are advised to download apps only from official stores and be cautious with SMS or email links from unknown sources.