​​Investigations into unauthorised debits through PhonePe revealed the use of a malicious app named 'PM Kisan Yojna,' and this app was distributed via multiple channels, including WhatsApp and gained control over user's SMS and device permissions.