UPI fraud drains over Rs 6.35 lakh from engineer’s bank accounts

Udupi: A cyber fraud case involving the unauthorised transfer of over Rs 6.35 lakh through the Unified Payments Interface (UPI) has been reported, raising concerns over the growing misuse of digital payment platforms. The incident came to light after a civil engineer discovered that large sums of money had been transferred from his bank accounts without his knowledge.

According to the complaint, the victim, Chetan Kumar, a resident of Kunjibettu and a practising civil engineer, maintains accounts in two nationalised banks. On January 20, starting around 7.30 pm, a series of unauthorised UPI transactions were carried out, resulting in substantial financial loss within a short span of time.

Multiple unauthorised transactions detected

As per the details provided to the police, an amount of Rs 4,39,500 was fraudulently transferred from Kumar’s Bank of Baroda account through multiple transactions. Around the same time, Rs 1,96,400 was similarly withdrawn from his Karnataka Bank account.

The transactions were carried out without the complainant’s consent or authorisation. Kumar stated that he had not shared his UPI credentials, PIN or one-time passwords with anyone, nor had he attempted any transfers during the time the fraud took place.

The unauthorised withdrawals reportedly occurred in quick succession, suggesting a systematic attempt to siphon funds before the victim could react or block the transactions.

SMS alerts reveal the fraud

The complainant became aware of the fraud only after receiving a series of SMS alerts from the banks on his registered mobile number. The messages indicated successful debit transactions, prompting him to immediately check his account balances.

Realising that the transactions were not initiated by him, Kumar contacted his banks to report the incident and requested that his accounts be secured. He later approached the police and lodged a formal complaint detailing the unauthorised transfers.

Police officials said such delayed awareness is common in cyber fraud cases, especially when multiple transactions are executed rapidly, leaving victims little time to intervene.

Suspected misuse of UPI platform

Preliminary investigations indicate that unknown persons may have carried out the fraud by exploiting vulnerabilities in the UPI system or by using compromised credentials. However, police said it is too early to determine the exact modus operandi.

Investigators are examining whether the fraud involved phishing links, malicious mobile applications, screen-sharing scams or remote access to the complainant’s device. They are also analysing transaction trails to identify the destination accounts to which the funds were transferred.

Cybercrime officials noted that fraudsters often use mule accounts to quickly move stolen money across multiple accounts, making recovery difficult if reporting is delayed.

Case registered under IT Act and BNS

Based on the complaint, the Udupi CEN Police Station has registered a case under Sections 66(C) and 66(D) of the Information Technology Act. These sections pertain to identity theft and cheating by personation using computer resources.

In addition, Section 318(4) of the Bharatiya Nyaya Sanhita (BNS) has been invoked, which deals with cheating and dishonestly inducing delivery of property. Police said the sections were applied considering the financial loss and the digital nature of the offence.

Further investigation is underway to trace the perpetrators and establish how access to the accounts was gained.

Growing concern over digital payment fraud

Cybercrime officials have expressed concern over the steady rise in UPI-related fraud cases, particularly involving professionals and salaried individuals who rely heavily on digital transactions. While UPI has simplified payments, it has also become a target for cybercriminals exploiting user negligence or technical loopholes.

Officials reiterated that banks and payment platforms do not ask customers to share PINs, OTPs or click on unknown links. They urged users to remain cautious while receiving calls or messages claiming to be from banks, customer care or government agencies.

Advisory to the public

Police have advised the public to immediately report any suspicious transaction to their bank and the national cybercrime helpline. Early reporting increases the chances of freezing beneficiary accounts and recovering funds.

Users have also been asked to regularly monitor bank statements, enable transaction alerts, avoid installing unverified apps and never share sensitive banking information over phone calls or messages.

Conclusion

The UPI fraud involving the unauthorised transfer of Rs 6.35 lakh highlights the evolving challenges of digital financial security. While electronic payment systems offer speed and convenience, they also demand heightened vigilance from users.

Police have assured that all efforts are being made to trace the accused and recover the lost amount. Meanwhile, the case serves as a reminder for the public to stay alert and adopt safe digital practices to prevent falling victim to cybercrime.