Screen-Sharing Scams: The Silent Digital Heist Targeting Indian Households
Screen-Sharing Scams: How Indians Are Losing Savings

Screen-Sharing Scams: The Silent Digital Heist Targeting Indian Households

In a disturbing evolution of cyber fraud, screen-sharing scams are systematically looting unsuspecting Indians by bypassing traditional hacking methods. Unlike conventional attacks that infiltrate systems, these scams manipulate users into voluntarily opening the digital front door, granting fraudsters real-time control over devices. This edition of The Safe Side delves into the mechanics of these scams and offers crucial strategies to evade them.

The Deceptive Power Bill Trap

Imagine receiving a routine-looking message warning that your electricity connection faces disconnection due to a pending bill payment. The text references MAHADISCOM, the Maharashtra State Electricity Distribution Company Limited, and urges you to call a provided number or enter credentials for clarification. Upon calling, you are informed that only Rs 100 is needed to maintain service, and a link is swiftly sent via WhatsApp or SMS.

Trusting the process, you click the link, input your bank details, and complete the small transaction. Minutes later, your phone buzzes not with a payment receipt but with alerts showing Rs 6.52 lakh drained from your account in multiple transactions. The link vanishes, leaving a stark realization: a simple message and momentary trust enabled fraudsters to wipe out a lifetime's savings.

Since 2022, the 'power bill' scam has become one of the most prevalent threats targeting senior citizens, exploiting screen-sharing links to dupe victims. Yogesh Vilankar, Deputy Chief Public Relations Officer of MSEDCL Nagpur Region, explained, "Consumers received messages threatening disconnection for unpaid small sums, accompanied by screen-sharing application links. Through rigorous awareness campaigns, we conveyed this was a scam."

Understanding Screen-Sharing Fraud

Screen-sharing frauds represent a sophisticated form of social engineering where attackers persuade victims to install remote access programs under pretenses like customer support, KYC updates, refunds, or tech assistance. Once access is granted, scammers can monitor sensitive information in real-time, redirect users to banking apps to steal credentials, or even execute transactions by manipulating victims into approving requests.

Tarun Wig, Co-founder and CEO of Innefu Labs, noted, "These scams allow attackers to access sensitive data live, redirect victims to banking apps, and steal credentials or make transactions." Sneha Katkar, Head of Product Strategy at Quick Heal Technologies Ltd., added, "This marks a dangerous evolution where criminals manipulate victims into installing remote-access apps, handing over live device control. While tools like AnyDesk and TeamViewer are common entry points, these attacks often overlap with tech support and investment scams."

The Role of Urgency and Manipulation

Scammers succeed not through technical sophistication but by exploiting urgency and trust. Amit Relan, CEO of mFilterIt, emphasized, "A few minutes of remote access lets fraudsters map a user's financial footprint and execute transactions before any control can react. With smartphones as wallets and banks, screen access equals full account access."

Pavan Karthick M, Threat Researcher at CloudSEK, warned, "On phones, scammers see everything in real-time: banking apps, OTPs, SMS alerts, and notifications. They can modify screens to deceive you into financial transactions." Tarun Wig further explained, "Screen-sharing scams complement OTP or phishing scams; fraudsters combine tricks to monitor OTPs and socially engineer victims into accepting transactions, making detection harder."

Warning Signs to Recognize

  • Urgent Threats: Scammers create panic with disconnection warnings, account suspensions, or refund expiries to rush actions.
  • Personal Numbers: Messages from 10-digit mobile numbers instead of official sender IDs like VM-MSEDCL.
  • App Download Requests: Any demand to download apps like AnyDesk, TeamViewer, or unknown APKs for bill payments is a scam.
  • Calls to Action: Requests for OTPs or suspicious link clicks.

Protection and Response Measures

To safeguard against these scams, experts recommend:

  1. Never download apps or click suspicious links from unsolicited callers.
  2. Delete messages from unknown numbers about bill payments or KYC updates.
  3. Use only official channels for communication and payments.
  4. Verify suspicious messages by contacting the official sender, such as MSEDCL offices.

If scammed, act immediately:

  • Contact your bank to freeze accounts and halt transactions.
  • Uninstall any unknown applications downloaded.
  • Report to the national cybercrime helpline 1930, cybercrime.gov.in, or local police.

Amit Relan stressed, "Treat device visibility like financial credentials. No legitimate institution requests screen sharing. Prevention requires user awareness and real-time monitoring." Kaushal Bheda, Director of Pelorus Technology, highlighted broader risks, "State actors use similar methods for espionage, compromising national security alongside financial theft."

Staying Vigilant in a Digital World

As the digital landscape evolves, so do scammers' tactics, exploiting vulnerabilities with increasing sophistication. The Safe Side series aims to demystify cybercrime trends, offering practical tips to stay informed and secure online. By understanding screen-sharing scams and adopting proactive measures, Indians can better protect their hard-earned savings from these silent digital heists.