Alaskans Report Record-Breaking Financial Losses from Cyber-Enabled Crimes — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated Apr 30, 2026

Severity: MEDIUM | View Full Scam Details

Alaskans Report Record-Breaking Financial Losses from Cyber-Enabled Phishing Scams in India, 2026

Alarming new phishing tactics similar to those used in Alaska are causing growing financial losses in India, targeting everyday users through WhatsApp and social media manipulation.

What Is the Alaskans Report Record-Breaking Financial Losses from Cyber-Enabled Crimes?

This scam made headlines in Alaska for causing record-breaking financial losses through cyber-enabled phishing schemes. But what’s worrying is that very similar tactics have begun to spread in India, adapting to our digital ecosystem. These scams target individuals by exploiting social media information and messaging apps like WhatsApp to impersonate trusted contacts or authority figures. The goal is to steal sensitive information such as Aadhaar details, UPI PINs, or bank OTPs, ultimately draining victims’ bank accounts.

In India, this scam fits into the broader category of phishing attacks, which are increasingly common. The Indian government agencies like the Reserve Bank of India (RBI), CERT-In (Indian Computer Emergency Response Team), and the Integrated Financial Crime Investigation and Coordination Centre (I4C) have all issued alerts emphasizing the rising threat from socially engineered cyber scams. Reports show a steady increase in UPI fraud cases where attackers lure victims through fake messages and steal money, making this a medium-risk scam with a risk score of 5/10 on Indian threat scales.

The scam has spread extensively in urban and semi-urban areas, especially to smartphone users who rely heavily on WhatsApp for communication and mobile payments. While the scam originated overseas, its Indian variation preys on the country’s massive digital payment and social networking growth, putting millions at risk.

How This Scam Works — Step by Step

The fraudsters follow a precise and psychological approach to make the scam believable:

1. Research on Social Media: Attackers comb Facebook, Instagram, LinkedIn, and sometimes even regional platforms to collect names, contacts, and interests of potential victims.
2. Initial Contact via WhatsApp: Using fake or cloned WhatsApp numbers, scammers send a message pretending to be a friend, colleague, bank official, or government representative.
3. Gaining Trust: The scammer references personal information (birthday, workplace, recent posts) to appear genuine and trustworthy.
4. Phishing Links or Requests: The victim receives a link to “verify their Aadhaar details,” “reactivate UPI payments,” or “reset bank credentials.” Sometimes, they are asked to share OTPs or PINs directly through chat.
5. Data Theft and Account Access: Once sensitive information is shared, attackers use it to access bank accounts or digital wallets.
6. Money Transfer: Using UPI or net banking, the scammer quickly transfers money, exploiting the victim’s authentication details.
7. Covering Tracks: The scammer may block or delete the victim, leaving them unaware until financial transactions appear on their bank statement.

This attack closely mirrors phishing hacks seen across India where immediate and emotional triggers (fear of losing Aadhaar access or banking facilities) are often used.

Real Warning Signs to Watch For

• Messages from unknown or slightly altered WhatsApp numbers claiming to be your contacts.
• Urgent requests to share OTPs or PINs under the pretext of “security verification.”
• Links directing you to unofficial websites or those with misspelled domain names.
• Unexpected messages referencing your personal details without you sharing them first.
• Pressure to act immediately to avoid supposed bans or account blocks.
• Requests to download apps or scan QR codes that seem suspicious.
• Unsolicited calls or messages from “banks” or “government officials” that ask for private data.

What Happens to Victims

Victims often face significant financial loss as scammers empty bank accounts via UPI or net banking transfers. The process is swift, and reversals are challenging due to authenticated transactions. Many suffer emotional distress from betrayal by someone posing as a trusted contact. Cases of Aadhaar misuse also emerge when biometric or personal data are stolen, leading to unexpected loans or identity theft. Additionally, SIM swap frauds have led to victims losing control over mobile numbers used for banking OTPs, intensifying the risk of further unauthorized transactions.

The difficulty in recovering money, even after reporting to banks or filing complaints, adds to victims’ frustration. The loss is not just monetary but also affects trust in digital payment systems widely used in India.

What RBI and CERT-In Say

The Reserve Bank of India regularly issues warnings about phishing scams and advises customers never to share OTPs or PINs with anyone, even if messages appear authentic. RBI’s helpline (tel. 1800-123-4455) and CERT-In (cybercrime.gov.in) have stressed vigilance around unsolicited messages requesting any sensitive data. CERT-In’s 1930 helpline is specifically designated for reporting cyber frauds.

Furthermore, the RBI mandates that all digital payments must involve strong two-factor authentication, and no genuine bank official will request credentials over WhatsApp or calls. The I4C center also works closely to coordinate investigations and spread awareness about evolving cyber threats in India.

How to Protect Yourself

1. Never share OTP or UPI PINs with anyone, no matter who they claim to be.
2. Verify contact identities by calling known numbers independently before responding to messages.
3. Avoid clicking on links received through unsolicited WhatsApp messages or SMS.
4. Enable WhatsApp two-step verification to avoid number cloning.
5. Use official bank apps downloaded from trusted stores and refrain from using third-party payment apps.
6. Check website URLs carefully when asked to enter sensitive information; always prefer HTTPS.
7. Report suspicious calls or messages immediately to your bank and CERT-In’s 1930 helpline.

What to Do If You’ve Been Targeted

• Immediately contact your bank to block or freeze your account or UPI ID.
• File a complaint with the cybercrime portal at cybercrime.gov.in.
• Call the CERT-In helpline at 1930 to report the scam.
• Change all online banking passwords and enable multi-factor authentication.
• Inform your mobile service provider if you suspect SIM swap fraud.
• Keep records of all calls, messages, and transactions for investigation.
• Inform family and friends to prevent them from becoming victims of the same scam.

Frequently Asked Questions

Q: Can I get my money back if I shared my OTP in this scam?
A: Unfortunately, once authenticated UPI or bank transactions are done, reversals are difficult. While banks may attempt recovery, they are not obligated to refund losses caused by sharing OTPs under fraud.

Q: How can I confirm if a message about Aadhaar or bank details verification is genuine?
A: Official agencies or banks never ask for sensitive details on WhatsApp or SMS. Always verify by calling the official customer care numbers or logging into trusted websites.

Q: Does enabling WhatsApp two-step verification help protect against these scams?
A: Yes, it adds an extra security layer preventing someone from easily cloning your WhatsApp, reducing risk of impersonation fraud.

To stay safe from scams like these and verify suspicious WhatsApp messages or calls, always visit BharatSecure.app — India’s trusted platform for digital fraud awareness. Stay alert, stay secure!