When money runs out before the month does, an instant loan app promising “cash in minutes” can feel like a lifeline. For many Indians dealing with sudden medical bills, rent pressure or delayed salaries, these apps offer something traditional banking often cannot: speed.
But authorities say some of these platforms operate as predatory networks that collect personal data and allegedly use it as a tool for recovery and intimidation.
In its latest crackdown on illegal digital lending, the Indian Cybercrime Coordination Centre (I4C) under the Ministry of Home Affairs has issued a notice directing Google to remove access to six allegedly malicious loan applications from the Play Store within 36 hours. The March 30 notice accused the apps of targeting Android users seeking quick loans, allegedly harvesting sensitive personal information and later harassing borrowers through coercive recovery tactics.
The notice alleged that the apps disguised themselves as legitimate lending platforms, luring users with promises of instant approval and low-interest loans before allegedly harassing borrowers with exorbitant repayment demands. It also accused the apps of collecting highly sensitive data, including Aadhaar details, financial information, contacts, photographs and camera access.
The six apps named in the notice included com.line.flex.credit.line, oi.bottalk.ctara, com.credit.path.service.customers.tech.app, com.ganeshfast.personal.loan.app, com.lakhvad.ankganit.app and com.jackloans.potpro. The government invoked provisions of the Information Technology Act, 2000, and the Bharatiya Nyaya Sanhita, 2023, while directing Google to disable access to the apps without disturbing evidence.
The notice further stated that the malicious loan applications were hosted on the Google Play Store and promoted through digital advertisements on the platform, raising fresh concerns over how such apps continue to reach users despite tighter platform regulations.
The hidden cost of instant credit
For many users, the trouble begins after the loan is disbursed. Government notices and cybercrime investigations into illegal lending platforms show that many such apps seek broad access to contacts, galleries, storage, location and cameras. Once repayments are delayed, the same information can allegedly be used to pressure borrowers.
Recovery agents linked to such apps have repeatedly been accused of calling relatives, friends, colleagues and even employers. Some borrowers say they were threatened, abused or publicly shamed into repaying exorbitant amounts.
The emotional impact of such practices has become increasingly difficult to ignore.
In Kerala, the death of first-year dental student Nithin Raj earlier this year renewed scrutiny around digital loan apps and recovery tactics. Police registered a case against the loan app InstaPay after allegations of intimidation and harassment surfaced during the investigation. The case triggered outrage and reignited concerns over the unchecked growth of predatory lending platforms operating online.
The problem is not limited to one state. In Telangana, authorities have described instant loan app fraud as one of the state’s fastest-growing cybercrime threats. According to a report by the Telangana Cyber Security Bureau, complaints linked to fraudulent loan apps rose sharply in 2025, with victims reporting blackmail, public shaming and threats after apps gained access to personal data stored on their phones. Many of those targeted were students, homemakers and low-income users searching for quick financial relief.
Investigators say the pattern is often similar. Borrowers are drawn in through advertisements promising instant approval and minimal paperwork. Once an app is installed, operators allegedly gain access to contacts, photographs and messages. Even after repayments are made, some users continue to face intimidation and repeated demands for money.
Investigators and cybercrime officials have also warned that such apps are often promoted aggressively through Facebook, Instagram and messaging channels, where promises of “instant approval” and “quick cash” are used to attract financially vulnerable users. Experts say users need to be cautious while clicking on financial advertisements across social media platforms, as many fraudulent lending apps rely heavily on digital promotions to reach potential victims.
Cyber safety awareness handles linked to I4C have repeatedly warned users about fake loan apps, fraudulent financial advertisements and online scams circulating across digital platforms, urging people to verify lending platforms before downloading apps or sharing personal information. In one such post shared by CyberDost, the government-backed cyber awareness handle warned users against fraudulent instant loan apps and online financial scams.
Fight against rogue lending apps
The latest government action also shows how illegal lending apps continue to slip through mainstream digital platforms despite tighter regulations.
Over the past two years, both the Reserve Bank of India and the Centre have tried to tighten oversight of digital lending platforms. In 2025, the RBI operationalised a public directory of Digital Lending Apps, allowing users to check whether a platform is linked to a regulated bank or NBFC. The government has also pushed internet intermediaries and app stores to strengthen screening systems for illegal loan app advertisements, especially those linked to offshore operators.
Google, too, introduced stricter India-specific rules for personal loan apps on the Play Store. Under the updated policy, digital lending apps are required to comply with RBI-linked requirements and provide supporting documentation before being allowed on the platform.
The latest takedown notice shows that illegal loan apps are still slipping through despite stricter rules.
According to cybercrime investigations and government advisories, illegal lending operators often disappear and return under different names. Some circulate cloned apps, while others rely on APK download links shared through Telegram channels, WhatsApp forwards and social media advertisements. By the time one network is blocked, another often surfaces.
The concern now goes far beyond unauthorised lending. Increasingly, experts warn that such apps rely on invasive access to personal data to pressure borrowers.
The I4C notice specifically warned that the malicious applications were harvesting personally identifiable information, including Aadhaar details and financial records. Such access can create a dangerous imbalance of power between borrowers and operators, especially when users are unaware of the permissions they grant while installing an app.
The Reserve Bank of India has also proposed tighter safeguards for recovery practices, including restrictions on contacting borrowers’ acquaintances and stronger protections against privacy violations and harassment.
For ordinary users, however, the threat remains immediate.
Cybersecurity experts advise borrowers to verify whether a lending platform appears on the RBI’s approved directory and to remain cautious of apps demanding unnecessary access to contacts, photographs or files. Legitimate lenders, they note, do not require unrestricted access to someone’s personal life to process a loan.
The March 30 notice may have named only six apps, but it points to a much larger problem unfolding quietly across India’s digital economy.
For millions searching for urgent credit, a few desperate taps on a smartphone can sometimes lead to months of harassment, fear and humiliation.