A 35-year-old store manager in Bengaluru wanted free access to Netflix. Instead, he lost Rs 1 lakh. The method: a mobile application called 'Tuby' that promised free access to popular OTT platforms including Netflix. The reality: a sophisticated cyber fraud operation that harvested the victim's banking credentials and drained his account. The case, reported by Deccan Herald and being investigated by Bengaluru's Ashok Nagar police, is one of thousands of similar incidents that India's cybercrime agencies deal with every year — and one of the most preventable. For IT professionals, cybersecurity educators, and everyday digital users alike, the Tuby app scam is a case study in how modern cyber fraud works, what makes it so effective, and what certified cybersecurity expertise looks like in practice.

What Happened: The Tuby App Scam in Bengaluru

The victim — a 35-year-old store manager residing in Bengaluru's Ashok Nagar area — was lured by an offer of free access to paid OTT platforms including Netflix. The offer was delivered through a mobile application named 'Tuby'. The app was not available through official channels such as the Google Play Store or Apple App Store — a significant red flag that was missed or overlooked.

After downloading and installing the application, the victim was prompted to enter personal and banking information to 'activate' the free subscription. The fraudsters behind the app used the harvested information to access the victim's bank account and siphon off Rs 1 lakh — approximately $1,200 — before the fraud was detected.

The case has been registered with Bengaluru's Ashok Nagar police, and the Indian Cyber Crime Coordination Centre (I4C) — the Union Ministry of Home Affairs agency that coordinates cybercrime response across India — is involved in the broader effort to track and dismantle such fraud networks.

How the Tuby App Scam Worked: The Eight-Step Fraud Playbook

The Tuby app scam followed a well-established fraud pattern that cybersecurity professionals call a 'fake app social engineering attack.' Understanding each step is the first line of defence:

 

Stage	What Happens
Step 1	Victim discovers or is sent a link to the 'Tuby' app promising free access to Netflix and other OTT platforms
Step 2	Victim downloads the app from a third-party source (outside official app stores) — bypassing Google Play / Apple App Store safety checks
Step 3	App requests extensive permissions — access to contacts, SMS messages, storage, and potentially banking apps
Step 4	Victim enters personal information and links payment or banking details to 'activate' the free subscription
Step 5	Fraudsters use harvested credentials to access the victim's bank accounts or initiate unauthorised transactions
Step 6	Money is withdrawn in multiple small transactions to avoid triggering automatic bank alerts
Step 7	Victim discovers the loss — often only when checking their bank statement
Step 8	Victim files a complaint with Bengaluru Cyber Crime police or via the I4C cybercrime portal (cybercrime.gov.in)

 

Each step in this sequence is a deliberate design choice by the fraudsters. The promise of free content exploits the human desire for value. The third-party download bypasses the security infrastructure of official app stores. The excessive permission requests are normalised by the app's framing. And the delayed discovery gives fraudsters time to transfer funds beyond easy recovery.

Why This Scam Works: The Psychology of Cyber Fraud

The Tuby app scam is not primarily a technical attack — it is a psychological one. Understanding why it works on otherwise cautious, intelligent people is essential for building effective defences.

The Scarcity and Value Trigger

Netflix, Amazon Prime Video, and JioCinema subscriptions cost between Rs 149 and Rs 649 per month in India. For many households, OTT subscriptions represent a meaningful monthly expense. An offer of free access to multiple platforms triggers a powerful psychological response: the desire to save money combined with the fear of missing out on a valuable deal. Fraudsters design these offers to appeal to rational cost-consciousness, making victims feel smart for finding a 'hack' rather than cautious about a potential fraud.

The Familiarity Deception

The app name 'Tuby' is designed to sound vaguely familiar — echoing 'YouTube' and 'tube' as generic media streaming terms. The app's interface likely mimicked legitimate streaming platform designs, using familiar colour schemes, iconography, and language. Familiarity reduces vigilance. When something looks and feels like what we expect, our critical evaluation drops.

The Authority and Legitimacy Illusion

Fake apps like Tuby frequently use stolen brand assets — Netflix logos, subscription tier descriptions, and membership language — to create the impression of official affiliation. When combined with a professional-looking interface, this creates an authority illusion that bypasses the victim's natural scepticism.

The One-Time Effort Justification

Entering banking details is reframed by the scam as a one-time verification step — 'just to confirm you are a real person' or 'to process your free subscription.' This framing normalises the information-sharing by making it feel proportionate to the reward and temporary in nature.

Red Flags: How to Identify a Fake App or OTT Scam

Every cyber fraud leaves traces — warning signs that, in hindsight, clearly indicate danger. Training yourself to recognise these red flags before interacting with suspicious offers is the most effective protection available:

 

Red Flag	How It Appeared in the Tuby App Scam	Risk Level
Too-good-to-be-true offer	Free access to paid streaming platforms (Netflix, Amazon Prime, Hotstar) that cost Rs 149-499/month	HIGH
Third-party app download	App not available on Google Play Store or Apple App Store — requires enabling 'unknown sources'	CRITICAL
Excessive permissions	App requests access to SMS, contacts, banking apps, or call logs — unnecessary for a media app	CRITICAL
No official branding	App name ('Tuby') does not match any known OTT platform; no verifiable company behind it	HIGH
Urgency or time limit	'Limited offer — activate now' messaging designed to prevent careful evaluation	MEDIUM
Payment to access free content	Being asked to enter banking details or make a small payment to 'verify' for a free service	CRITICAL
No contact information	No verifiable customer support, physical address, or registered company details	HIGH
Social media or WhatsApp promotion	Offer spread via WhatsApp forwards or social media rather than through official platform channels	MEDIUM

 

The Scale of the Problem: Cybercrime in India in 2026

The Bengaluru store manager's experience is not an isolated incident. It is one data point in a rapidly escalating national crisis. India has become one of the world's largest targets for cybercrime, driven by a combination of factors:

•      Rapid smartphone penetration — over 750 million smartphone users, many newly connected and with limited digital literacy

•      Growing digital payments adoption — UPI, mobile banking, and digital wallets have made financial transactions faster and simpler — and created new attack surfaces for fraudsters

•      OTT subscription culture — the growth of streaming platforms has created widespread familiarity with subscription models, making fake subscription offers more plausible

•      Work-from-home and digital-first economy — more time spent online increases exposure to fraudulent apps, phishing links, and social engineering attacks

•      Sophisticated fraud networks — cybercrime operations targeting India are increasingly organised, technically sophisticated, and operating from locations with limited law enforcement reach

I4C — the Indian Cyber Crime Coordination Centre — operates the national cybercrime reporting portal at cybercrime.gov.in and coordinates between state police forces, banking institutions, and central agencies to investigate and respond to cybercrime. The 1930 helpline is the national cybercrime helpline that victims can call immediately after a financial fraud to initiate response and attempt to block fraudulent transactions before funds are transferred out of reach.

What To Do If You Have Been Scammed: Immediate Steps

If you or someone you know has fallen victim to a fake app scam like the Tuby fraud, time is critical. Here is what to do immediately:

•      Call 1930 immediately — this is India's national cybercrime helpline. Report the fraud as quickly as possible; early reporting significantly increases the chance of blocking the transaction

•      File a complaint at cybercrime.gov.in — the I4C online portal accepts cybercrime complaints 24/7 and routes them to the appropriate state police agency

•      Contact your bank immediately — call your bank's 24-hour fraud helpline, report the unauthorised transactions, and request that your account be frozen pending investigation

•      Uninstall the fraudulent app — remove the app immediately and revoke any permissions it was granted. Consider performing a factory reset if you are concerned that the app may have installed additional malware

•      Change all passwords — change your banking passwords, UPI PINs, email passwords, and any other credentials that may have been compromised

•      File a police complaint — visit your local police station or the Cyber Crime police station in your city to file a formal First Information Report (FIR)

•      Preserve all evidence — take screenshots of the app, the messages or links that directed you to it, and any transaction records before uninstalling

For IT Professionals: The Certifications That Build Cyber Fraud Defence Skills

The Tuby app scam represents a class of threat that certified cybersecurity professionals are specifically trained to understand, prevent, and respond to. For IT professionals in India who want to build careers in cybersecurity — and contribute to India's growing need for digital fraud defence expertise — here are the most relevant certification paths:

 

Certification	Why It Matters for Cases Like the Tuby App Scam
CompTIA Security+	The foundational global cybersecurity certification. Covers social engineering, phishing, malware, mobile security, and threat identification — all directly relevant to the Tuby app attack vector.
Certified Ethical Hacker (CEH)	Teaches offensive security thinking. CEH holders understand how fraudsters design fake apps, harvest credentials, and conduct social engineering attacks — essential for building effective defences.
CompTIA CySA+	Cybersecurity analyst credential covering threat intelligence, behavioural analysis, and incident response. Directly applicable to investigating and responding to mobile fraud cases.
Certified Information Security Manager (CISM)	Management-level credential covering incident response, risk management, and information security policy — relevant for IT managers responsible for cybercrime awareness programmes in organisations.
ISO/IEC 27001 Lead Implementer	International information security management standard. Covers the policies and controls that organisations implement to protect employees from social engineering and fraudulent app attacks.
CCSP (Certified Cloud Security Professional)	Covers mobile application security, app store vetting, and cloud-delivered security controls — directly relevant to the threat posed by rogue mobile applications like Tuby.
Digital Forensics & Incident Response (DFIR)	Covers how cybercrime investigators trace fraudulent transactions, identify attackers, and recover evidence — the skills used by I4C and Bengaluru Cyber Crime police to investigate cases like this one.

 

The Growing Demand for Cybersecurity Professionals in India

India faces a severe and widening cybersecurity talent shortage. According to industry estimates, India needs over 1 million cybersecurity professionals by 2027 — but currently has fewer than 250,000. This gap creates extraordinary career opportunities for IT professionals who invest in cybersecurity certifications.

The demand is being driven from multiple directions simultaneously:

•      Government — I4C, state Cyber Crime units, CERT-In, and the National Critical Information Infrastructure Protection Centre (NCIIPC) all require certified cybersecurity professionals

•      Banking and financial services — RBI guidelines mandate that banks maintain robust cybersecurity infrastructure and incident response capabilities

•      IT services — TCS, Infosys, Wipro, HCL, and every major Indian IT services firm has growing cybersecurity practices serving global enterprise clients

•      Startups and fintech — India's startup ecosystem, with its reliance on digital payments, mobile apps, and cloud infrastructure, requires cybersecurity expertise at every growth stage

•      Corporate India — every organisation that processes employee, customer, or financial data has a growing legal and reputational obligation to secure it

For IT professionals in Bengaluru — India's technology capital and the city where the Tuby app scam occurred — cybersecurity roles offer among the highest salary premiums in the technology sector. Certified professionals command 30 to 50% salary premiums over non-certified peers in equivalent roles.

Frequently Asked Questions

Q1: What was the Tuby app and how did it scam users?

Tuby was a fraudulent mobile application that promised free access to paid OTT platforms including Netflix. It was distributed through third-party channels rather than official app stores. After installation, it harvested victims' banking credentials and personal information, which fraudsters used to steal money from their bank accounts. A 35-year-old store manager in Bengaluru lost Rs 1 lakh to this scam.

Q2: How can I tell if a free OTT or subscription offer is a scam?

Key warning signs include: the app is not available on Google Play Store or Apple App Store; the offer promises free access to services that normally cost money; the app requests excessive permissions (SMS, contacts, banking access); you are asked to enter banking or payment details to access free content; there is no verifiable company or contact information behind the offer; and the offer is promoted through WhatsApp forwards or social media rather than official platform channels.

Q3: What should I do immediately if I have been scammed?

Call 1930 (India's national cybercrime helpline) immediately, report the fraud at cybercrime.gov.in, contact your bank's fraud helpline to freeze your account, uninstall the fraudulent app, change all passwords and PINs, file a police complaint, and preserve all evidence including screenshots of the app and messages.

Q4: What is I4C and how does it help cybercrime victims?

The Indian Cyber Crime Coordination Centre (I4C) is a central government agency under the Union Ministry of Home Affairs. It coordinates cybercrime response across India, operates the national cybercrime reporting portal at cybercrime.gov.in, and runs the 1930 helpline. It works with state police forces, banks, and other agencies to investigate cybercrime and assist victims.

Q5: What cybersecurity certifications are most valuable for combating fraud like the Tuby scam?

The most relevant certifications include CompTIA Security+ (foundational security covering social engineering and mobile threats), Certified Ethical Hacker (CEH), CompTIA CySA+ (threat detection and incident response), CISM (security management), CCSP (cloud and mobile application security), and Digital Forensics & Incident Response (DFIR) credentials. Certizon offers globally recognised programmes across all of these tracks.

Build Digital Safety — for Yourself, Your Organisation, and Your Community

The Bengaluru store manager who lost Rs 1 lakh to the Tuby app scam is not unusual. Cyber fraud victims include educated professionals, experienced business people, and technology-aware individuals across every income level and city in India. The fraud works not because victims are careless but because it is carefully designed to bypass our natural defences.

The most powerful counter is knowledge — specifically, the kind of structured, certified knowledge that cybersecurity professionals develop through rigorous training. For IT professionals who want to build careers in cybersecurity and contribute to India's digital safety, Certizon's certification programmes provide the foundation.

Visit certizon.com to explore our full cybersecurity certification catalogue, access free trial courses, and speak with a career advisor today.

Free Netflix costs nothing. Certified cybersecurity knowledge is worth everything.