HDFC Bank Warning: After the Reserve Bank of India (RBI) warned banks and customers against the use of AnyDesk App, the HDFC Bank is also warning its customers about the same. In personal messages to HDFC customers, the bank has informed customers, "Beware! Fraudsters may ask you to download AnyDesk App & share a 9-digit code which gets them access to your phone to steal money. DO NOT share your card details / OTP / PIN with anyone & report any unusual activity immediately to the ban." The bank informs customers on its website, "One of the recent techniques involves a fraudster taking unauthorized access of a victim's mobile device to carry out fraudulent transactions via UPI using the AnyDesk App."

HDFC AnyDesk App Warning: How fraudsters may lure you

In its official mailer, the HDFC Bank has detailed how the fraudsters lure victims. Here's what the bank says: 

- You may receive a phone call from a fraudster, who will claim to be a representative from a tech company/bank offering to fix issues in your smartphone or mobile banking apps.

- The fraudster will then lure you to download a mobile app like 'AnyDesk' from Play store or App Store, which can provide him with remote access to your mobile.

- Post the installation of the app (in this case 'AnyDesk'), a 9-digit code will be generated, which the fraudster will ask you to share.

- Then the fraudster will further ask you to grant him certain permissions. Once granted, the fraudster is now in control of your mobile device.

ALSO READ | RBI AnyDesk Warning: This app can steal all money from your bank account, never download

- Further, Mobile Banking credentials and PIN are vished (stolen) from you and the fraudster can now choose to carry out financial transactions from your mobile app which was already installed.

- The fraudsters also forward one SMS to you and advise you to forward it to a specific mobile number from your phone. On the basis of this, the fraudster is able to link/register your mobile number/account with UPI on his own mobile device.

- The fraudster subsequently seeks confidential account related credentials like Debit Card number, PIN, expiry date, OTP and sets the MPIN which is then used to authenticate transactions.

- Sometimes, the fraudsters could also send “Collect request" to your VPA and ask you to approve/authenticate it on the respective UPI apps to get reversal/refunds. Assuming that you will get credit/refund in your account, you approve the request by authenticating the transaction with MPIN [which is only known to you] but you might end up losing money since your account gets debited once the collect request is approved/authenticated.

The bank has shared some Do's and Dont's you should follow: 

HDFC AnyDesk App Warning: Dos

- Be alert to fraudulent calls (vishing) that ask you to download apps or share confidential information (disconnect such calls immediately)
- In case you have already downloaded “AnyDesk” app and it is no longer required, uninstall it IMMEDIATELY
- Please enable app-lock on your payment or mobile banking related apps.
- Report any suspicious activity at your nearest Bank Branch / genuine customer care number only

HDFC AnyDesk App Warning: Don’ts

- Do not share your banking passwords or store them in your mobile handset.
- Do not share your other sensitive financial details on call such as UPI PIN / MPIN, Debit / Credit Card, CVV, expiry date, OTP, ATM PIN, bank account details, etc.
- Don't allow a stranger to guide you to install a mobile app through App Store / Play store, or instruct you to change the setting of your mobile.
- Do not rely on customer service numbers of various merchants/entities/ banks etc. retrieved via Google search, since they can be fake.
- Do not forward any unsolicited SMS received on a request of so-called representative from a tech company/bank

Earlier in February, the RBI had warned against the use of AnyDesk App.