ऑनलाइन सिर्फ ₹299 की ड्रेस खरीदना मुंबई की नर्स को पड़ा महंगा, गंवाए 1 लाख रुपये — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 01, 2026

Severity: HIGH | View Full Scam Details

₹299 Dress Scam: How Mumbai Nurse Lost ₹1 Lakh in 2026 (Phishing Alert India)

Cheap online deals can be tempting, but they often hide a dangerous truth: phishing scams designed to steal your money.

What Is the ऑनलाइन सिर्फ ₹299 की ड्रेस खरीदना मुंबई की नर्स को पड़ा महंगा, गंवाए 1 लाख रुपये?

This scam, as highlighted by the case of a Mumbai nurse, preys on individuals searching for bargain prices on clothing and other goods online. Fraudsters lure victims with advertisements promising unbelievably low prices – in this case, a dress for just ₹299. These ads are usually disseminated through social media platforms like WhatsApp, Facebook, and Instagram, due to their broad reach and ability to target specific demographics. Scammers exploit the inherent desire for good deals, creating a sense of urgency and excitement to cloud victims' judgment. The core of the scam involves phishing: tricking you into revealing sensitive financial information or installing malware that steals your data. It’s not limited to clothing; scammers use the same tactics to sell electronics, household items, and even fake services.

The prevalence of such scams is on the rise in India, fueled by increasing internet penetration and the popularity of online shopping. Unfortunately, many Indians are unaware of these sophisticated phishing techniques, making them vulnerable to financial loss. Indian Computer Emergency Response Team (CERT-In) regularly issues advisories on phishing attacks and online fraud, highlighting the need for increased vigilance. While no specific advisory directly references dress scams, their broader advisories regarding online purchase fraud apply directly to this situation.

How This Scam Works — Step by Step

Here’s a breakdown of how this particular scam typically unfolds:

1. Enticing Advertisement: The victim encounters an advertisement on WhatsApp or another social media platform displaying a trendy dress for an unbelievably low price (₹299). The ad usually features attractive images and persuasive language to create a sense of urgency.
2. Clicking the Link: Clicking on the advertisement redirects the victim to a fake website or a fraudulent page within a legitimate-looking e-commerce platform.
3. Fake Website/Page: The website is designed to imitate a popular online retailer, complete with logos, product descriptions, and even customer reviews. This creates a false sense of security and trust.
4. Request for Payment: The victim proceeds to purchase the dress. The site prompts them to enter their payment information, including credit/debit card details, UPI ID, or net banking credentials. They might also request KYC information under false pretenses.
5. OTP/PIN Theft: Scammers may ask for an OTP (One-Time Password) or UPI PIN to "complete" the transaction. This OTP is actually used to authorize a fraudulent transaction from the victim's account to the scammer's account.
6. Money Transfer: The victim unknowingly transfers money to the scammers. In this case, the Mumbai nurse lost ₹1 lakh, indicating that the scammers may have gained access to her account details and conducted multiple fraudulent transactions. They may even call pretending to be bank representatives to further manipulate her into approving these transactions.
7. No Product Delivered: The victim never receives the promised dress, and all attempts to contact the seller are unsuccessful. The fake website disappears or becomes unresponsive.

Real Warning Signs to Watch For

• Unbelievably Low Prices: If a deal seems too good to be true, it probably is. Extremely low prices compared to other retailers are a major red flag.
• Urgency and Time Pressure: Scammers often create a sense of urgency by using phrases like "Limited Time Offer," "Act Now," or "Only a Few Items Left" to rush you into making a decision.
• Suspicious Website URL: Check the website address carefully. Look for misspellings, unusual characters, or a domain name that doesn't match the supposed retailer. Also, verify if the website has a valid SSL certificate (HTTPS in the address bar and a padlock icon).
• Requests for Sensitive Information: Be wary of websites or individuals that request sensitive information such as your Aadhaar number, OTP, UPI PIN, or net banking password. Legitimate retailers will never ask for this information over email or messages.
• Poor Grammar and Spelling: Phishing websites often contain grammatical errors, typos, and awkward phrasing. This is a sign that the site is not professionally created and may be fraudulent.
• Payment Gateway Redirection to Unknown Site: If the payment process redirects you to a suspicious-looking or unfamiliar payment gateway, immediately cancel the transaction.
• Unsolicited WhatsApp Messages: Be extra cautious about links and offers shared via unsolicited WhatsApp messages, especially from unknown numbers.

What Happens to Victims

The impact of these scams extends beyond financial loss. Victims often experience significant emotional distress, including feelings of shame, anger, and anxiety. The financial losses can disrupt their lives, especially for individuals with limited resources. In India, the fraudulent transactions often occur via UPI, making traceability challenging. The misuse of Aadhaar details, if compromised, can lead to identity theft and further fraud. SIM swap scams, where fraudsters acquire a victim's mobile number, can give them access to OTPs and other sensitive information, compounding the damage.

What RBI and CERT-In Say

The Reserve Bank of India (RBI) frequently issues public awareness campaigns urging customers to be cautious about online transactions and to never share their banking details, OTPs, or PINs with anyone. They emphasize the importance of using secure payment methods and verifying the legitimacy of websites before making payments. CERT-In also provides regular alerts and advisories regarding phishing attacks and online fraud, offering guidance on how to identify and avoid scams. They encourage users to report cybercrime incidents to the appropriate authorities. The government of India's I4C (Indian Cybercrime Coordination Centre) is actively working to combat cybercrime and provides resources for reporting and addressing cyber fraud. The national cybercrime reporting portal cybercrime.gov.in and the 1930 cybercrime helpline are cornerstones of India's response to cybercrime.

How to Protect Yourself

1. Verify Website Security: Before entering any personal or financial information, ensure the website is secure (HTTPS and padlock icon in the address bar).
2. Research the Seller: Look for reviews and feedback about the seller before making a purchase. Check for complaints or negative comments online.
3. Use Strong Passwords: Create strong, unique passwords for all your online accounts. Avoid using the same password for multiple accounts.
4. Enable Two-Factor Authentication (2FA): Whenever possible, enable 2FA on your important accounts to add an extra layer of security.
5. Be Cautious of Unsolicited Messages: Avoid clicking on links or downloading attachments from unknown senders or suspicious sources. Be extra wary of unsolicited WhatsApp messages offering unbelievable deals.
6. Use a Virtual Credit Card or Limited Use UPI ID: If possible, use a virtual credit card or a limited-use UPI ID for online transactions to minimize your risk.
7. Keep Your Software Updated: Regularly update your operating system, web browser, and antivirus software to protect against malware and other threats.

What to Do If You've Been Targeted

1. Report to Cybercrime Helpline: Immediately call the cybercrime helpline at 1930 to report the incident.
2. File a Complaint: File a formal complaint on the national cybercrime reporting portal, cybercrime.gov.in. Provide all relevant details, including screenshots of the fraudulent advertisement and transaction details.
3. Contact Your Bank: Immediately contact your bank to report the fraudulent transaction and block your credit/debit cards or UPI ID. Request a chargeback if possible.
4. Change Your Passwords: Change the passwords for all your online accounts, especially those associated with your bank or financial institutions.
5. Monitor Your Accounts: Regularly monitor your bank statements and credit reports for any suspicious activity.
6. Report to Law Enforcement: Consider filing a police report at your local police station.
7. Inform Friends and Family: Share your experience with friends and family to warn them about the scam.

Frequently Asked Questions

Q: What is phishing, and how is it used in this ₹299 dress scam?

A: Phishing is a type of online fraud where scammers try to trick you into revealing sensitive information like your passwords, credit card details, or UPI PIN. In this dress scam, they use fake websites and appealing ads to lure you into providing this information. Once they have it, they can access your accounts and steal your money.

Q: I saw a similar ad for a very cheap product. Should I buy it?

A: Be extremely cautious. If the price seems unrealistic, it's likely a scam. Before buying anything, research the seller, check for reviews, and make sure the website is secure. Also, trust your gut: If something feels off, it probably is.

Q: What if I accidentally clicked on the link but didn't enter my information? Am I still at risk?

A: Even if you didn't enter your information, clicking on a suspicious link can expose you to risks. The website could try to install malware on your device, so run a full antivirus scan. Also, be more vigilant about suspicious emails or messages, as scammers may now know you are a