Aadhaar Mobile Hijacking at CSC Centers — How to Identify & Stay Safe
INDIA — By BharatSecure Threat Intelligence Team ·
Severity: CRITICAL | View Full Scam Details
🛡️ Want to check if you've received this scam?
Check This Scam on BharatSecure →Aadhaar Mobile Hijacking Scam at CSC Centers in India 2026: How to Stay Safe
In 2026, a critical scam targeting Aadhaar-linked mobile numbers through CSC (Common Service Centers) is sweeping across India, putting millions at risk of identity theft and financial loss.
What Is the Aadhaar Mobile Hijacking at CSC Centers?
Aadhaar Mobile Hijacking at CSC Centers is a dangerous new scam in India where fraudsters exploit vulnerabilities in the Aadhaar-linked mobile number update process available at CSCs. These centers are government-approved kiosks meant to help citizens access services like Aadhaar enrollment, banking, and government schemes. Unfortunately, scammers have turned these trusted centers into a prime spot to manipulate unsuspecting individuals.
This scam specifically targets people seeking help with Aadhaar updates or financial services, especially in rural and semi-urban areas where CSCs are heavily used. Fraudsters pose as CSC operators or helpers, convincing victims to share personal details such as OTPs (One Time Passwords), Aadhaar numbers, and bank UPI credentials through WhatsApp or SMS. After gaining access, they request a mobile number change on the victim’s Aadhaar account, effectively hijacking the victim's digital identity.
The scale of this scam is alarming, with reports surging from states like Uttar Pradesh, Maharashtra, and Tamil Nadu. The Indian Cybercrime Coordination Centre (I4C) and CERT-In have issued alerts warning citizens to be extra cautious, noting the increasing cases of financial fraud linked to Aadhaar misuse via CSC channels.
How This Scam Works — Step by Step
Initial Contact via WhatsApp/SMS: The victim receives a WhatsApp message or SMS claiming to be from a CSC operator or government agency offering help to update Aadhaar or grant financial benefits.
Social Engineering to Establish Trust: The scammer convinces the victim about the urgency, often quoting government schemes like PM Kisan or financial relief, urging immediate Aadhaar-linked mobile update.
Request for Sensitive Information: They ask for the victim’s Aadhaar number, registered mobile number, and fake OTP verification under the pretense of “verification,” but this OTP is actually used for fraud.
Mobile Number Change Request at CSC: The fraudster visits or instructs the victim to visit the CSC, where the operator uses the obtained details to request an Aadhaar mobile number change. This transfers control of Aadhaar-linked transactions to the scammer’s mobile number.
Financial Exploitation: With control over the new mobile number linked to Aadhaar and bank accounts, scammers initiate UPI transactions, take control of WhatsApp linked to your number, and block your OTPs, locking you out of banking apps.
Loss Realization and Aftermath: Victims realize their mobile is hijacked only after funds are transferred and transactions completed, making it difficult to reverse due to the authenticated Aadhaar linking.
Real Warning Signs to Watch For
- Unexpected messages from unknown numbers claiming to help with Aadhaar or government schemes.
- Urgent demands to share OTPs, Aadhaar details, or personal data via WhatsApp or SMS.
- Offers requiring visiting CSC centers for mobile number updates or new SIM card activation.
- CSC operators pressuring for immediate verification without proper ID proof checking.
- SMS or WhatsApp messages requesting Aadhaar-linked mobile number changes without your prior request.
- Sudden loss of mobile network or inability to access banking/UPI apps shortly after interaction with CSC.
- Any request to share secret PINs, UPI passwords, or authorize transactions remotely.
What Happens to Victims
Victims of Aadhaar Mobile Hijacking face severe hardships. Financially, crooks can drain bank accounts by initiating UPI payments or linking fraudulently updated mobile numbers to loan apps. Since Aadhaar is a primary KYC document in India, misuse can wipe out savings or lead to unauthorized credit in victims’ names.
Emotionally, victims suffer stress, anxiety, and loss of trust in digital services. The process to reclaim accounts is complex. UPI payment reversals are often slow or impossible when fraudsters have authenticated transactions with OTPs sent to the hijacked mobile. This scam also makes victims vulnerable to further identity theft — like taking new loans, opening bank accounts, or executing property fraud.
What RBI and CERT-In Say
The Reserve Bank of India (RBI) and CERT-In have raised red flags about scams tied to mobile number hijacking and Aadhaar misuse. RBI’s guidelines emphasize never sharing OTPs or Aadhaar details with anyone and using only verified CSCs or government-approved channels for updates.
CERT-In recommends regularly monitoring bank statements, updating mobile SIM security features such as SIM locks, and reporting suspicious messages immediately. The Indian Cybercrime Coordination Centre (I4C) urges citizens to use the 1930 Cybercrime helpline for reporting such incidents and warns against sharing personal details over WhatsApp or SMS with unknown contacts.
How to Protect Yourself
- Never share your Aadhaar number or OTP over WhatsApp, SMS, or calls.
- Verify the identity of anyone asking for Aadhaar-related updates through CSC or government schemes.
- Always update mobile numbers linked to Aadhaar through official online portals or authorized centers after confirming authenticity.
- Do not hand over your mobile phone or SIM card to anyone saying they’ll update your Aadhaar.
- Enable SIM lock and mobile carrier PIN/password for additional SIM security.
- Regularly check your bank and UPI transaction history for any unauthorized activity.
- Avoid responding to urgent or threatening messages related to Aadhaar or bank accounts.
What to Do If You've Been Targeted
- Immediately call your mobile network provider to block or suspend your SIM card.
- Contact your bank to freeze your accounts and flag fraudulent transactions.
- Report the incident to the 1930 Cybercrime helpline or file a complaint at cybercrime.gov.in.
- Lodge a police complaint at your local station citing Aadhaar/mobile number hijacking.
- Change passwords for all banking, UPI, and Aadhaar-related apps or portals.
- Notify UIDAI (Unique Identification Authority of India) to flag your Aadhaar for suspicious activity.
- Inform BharatSecure.app to get assistance verifying suspicious messages or calls.
Frequently Asked Questions
Q: Can scammers really change my Aadhaar-linked mobile number from a CSC?
Yes. Through fraudulent documents or identity theft at some unscrupulous CSCs, scammers can request mobile number changes if they have your Aadhaar and OTP details.
Q: Will RBI reimburse my losses if money is stolen via UPI after my mobile is hijacked?
RBI mandates banks to reimburse victims in genuine fraud cases if reported promptly. However, delays in reporting or sharing OTPs can complicate claims.
Q: How do I know if my Aadhaar mobile number has been changed without my consent?
You may receive SMS alerts about changes, or fail to receive OTPs on your phone. Regularly check your Aadhaar status on the official UIDAI website or app.
India’s digital safety depends on informed citizens. If you receive suspicious messages or calls related to Aadhaar or mobile updates, don’t rush. Stop. Verify first. Visit BharatSecure.app to check and report scams before they harm you or your family. Stay safe, India!
Related Scams in Our Database
- Fake School Admission Portal Scam — Severity: MEDIUM
- Fake TRAI Survey and Data Request Scam — Severity: MEDIUM
- Limited Police Access Hindering Aadhaar Fraud Probes — Severity: MEDIUM
Verify Any Suspicious Message
Check any suspicious message, link, or call for free at bharatsecure.app.