Bank employee held for facilitating cyber fraud by opening fake account — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 27, 2026

Severity: HIGH | View Full Scam Details

Bank Employee Held for Facilitating Cyber Fraud by Opening Fake Accounts in India — 2026 KYC Fraud Alert

Cyber fraud through fake bank accounts is a major threat in India, with insiders playing a crucial role in enabling these crimes.

What Is the Bank Employee Held for Facilitating Cyber Fraud by Opening Fake Account Scam?

This scam revolves around dishonest bank employees who open fake or fraudulent bank accounts using forged or stolen identity documents. These accounts are then used by cybercriminals to launder money, carry out phishing or OTP fraud, or siphon funds from unsuspecting victims. In early 2026, a Delhi bank employee was arrested for allegedly assisting scammers by opening numerous fake bank accounts without proper KYC verification. This act not only breaches banking protocols but makes it easier for criminals to operate anonymously.

The scam often targets ordinary citizens who unknowingly become victims when money is diverted from their accounts to these fake accounts. The RBI, India’s central banking authority, along with CERT-In (Indian Computer Emergency Response Team) and the I4C (Indian Cyber Crime Coordination Centre), have repeatedly warned about rising KYC fraud cases. Opening fake accounts to bypass official rules undermines trust in financial institutions and exposes customers to greater risk of scam and identity theft.

India’s push towards digital payments through UPI and mobile banking has increased the stakes. Fraudsters exploiting fake accounts can move money quickly, making detection difficult. Authorities say such insider-enabled scams are growing in urban centres like Delhi, Mumbai, and Bengaluru, posing a high risk to consumer safety and the financial system’s integrity.

How This Scam Works — Step by Step

1. Recruitment or Corruption of Bank Employee: Fraudsters approach or bribe bank insiders willing to help open accounts without proper KYC, or with forged documents. These employees bypass mandatory checks during account creation.

2. Opening Fake Bank Accounts: Using the compromised employee, multiple fake or dormant accounts are created under false or stolen identities. These accounts generally lack any legitimate financial activity.

3. Targeting Victims via Social Channels: Scammers find victims through WhatsApp messages, social media, or phishing SMS pretending to be from banks. They often send fake KYC update requests, asking for personal details or OTPs.

4. Gaining Trust and Access: As victims respond, scammers use personal info to get access to their real bank accounts, often requesting UPI PINs or OTPs under false pretenses.

5. Transferring Money to Fake Accounts: Once the victim’s account is compromised, money is shifted to the fake accounts opened by the insider. This layering of transactions helps launder stolen funds.

6. Withdrawal or Conversion: Money sitting in fake accounts is then withdrawn via ATMs, transferred via UPI, or used for illegal purchases, making tracing difficult.

7. Covering Tracks: The insider employee often deletes or tampers with electronic records to avoid detection, delaying bank and law enforcement responses.

Real Warning Signs to Watch For

• Unexpected messages asking to update KYC or bank details via WhatsApp or SMS.
• Receiving OTP or UPI PIN requests from unknown numbers or disguised as your bank.
• Bank statements showing transactions to unfamiliar accounts.
• Sudden activation of new bank accounts or cards without your knowledge.
• Calls or messages pressuring you to share personal information urgently.
• Notifications from your bank about changes in registered mobile numbers or communication channels you didn’t set.
• Delays or inability to access your bank account or UPI wallet after suspicious activity.

What Happens to Victims

Victims suffer significant financial loss, often running into thousands or even lakhs of INR, as fraudsters drain their accounts via UPI or NEFT transfers. Unlike credit card fraud, where liability can sometimes be limited, stolen funds from bank saving accounts or linked Aadhaar-based UPI transactions are harder to recover due to delayed reporting and complex interbank processes.

Emotionally, victims face stress, loss of trust in digital banking, and the burden of navigating cumbersome complaint procedures. Many victims are also at risk of identity theft because fake accounts opened using their stolen Aadhaar or PAN details can be used for illegal activities, potentially implicating them in crimes they know nothing about. SIM swap fraud is often linked, where mobile numbers linked to bank accounts are fraudulently transferred, further escalating damage.

What RBI and CERT-In Say

The Reserve Bank of India (RBI) has issued several circulars mandating strict KYC compliance and penalizing banks for insider frauds. In 2024, RBI tightened guidelines requiring biometric and in-person verification for account opening, aimed to curb fake accounts.

CERT-In provides alerts on social engineering tactics linked to bank fraud and recommends enhanced awareness among banking personnel and customers alike. The Indian Cyber Crime Coordination Centre (I4C) encourages immediate reporting of suspicious bank transactions, citing helpline 1930 for cybercrime complaints. RBI’s customer helpline (1800-11-0222) is available for immediate grievance redressal related to banking frauds.

Both RBI and CERT-In emphasize the importance of verifying messages and never sharing OTPs or PINs over phone or WhatsApp, no matter how official the request appears.

How to Protect Yourself

1. Never share OTPs, PINs, or passwords with anyone, including bank staff or officials calling you.
2. Verify any KYC update requests independently by contacting your bank’s official customer care.
3. Regularly check your bank statements and UPI transaction history for unauthorized activity.
4. Register and promptly update your mobile number with your bank, and never disclose your SIM-related details elsewhere.
5. Use Aadhaar authentication only on official government or bank portals — avoid OTP or biometric sharing through unofficial apps.
6. Alert your bank immediately if you receive suspicious messages or calls requesting your banking details.
7. Install and update antivirus apps and BharatSecure.app to stay informed about latest scams.

What to Do If You’ve Been Targeted

1. Immediately block your debit/credit cards and freeze your bank account by calling your bank’s helpline.
2. Report the fraud to your bank’s fraud department and request a written acknowledgment.
3. File a complaint at the national cybercrime portal: cybercrime.gov.in.
4. Call the 1930 cybercrime helpline for guidance on next steps.
5. Inform your mobile operator if you suspect SIM swap or loss.
6. Lodge an FIR at your local police station, including all transaction details and communications from scammers.
7. Monitor your credit reports regularly for unauthorized loans or transactions.

Frequently Asked Questions

Q1: Can a bank employee opening a fake account affect me directly?
Yes. Fake accounts opened internally can be used by scammers to move money fraudulently, sometimes causing your real account to be targeted or implicated. This can lead to financial loss and legal complications for you.

Q2: How is KYC fraud different from phishing scams?
KYC fraud involves bypassing or falsifying the Know Your Customer process, often with insider help, to open unauthorized accounts. Phishing scams try to trick victims into giving sensitive information. Both can be linked but are distinct fraud types.

Q3: What proof do I need to report a fake account-related scam?
Keep all SMS, WhatsApp messages, emails, bank statements showing unauthorized transactions, and any recorded calls if possible. Screenshots of fake KYC requests or any suspicious communication help authorities investigate faster.

Stay alert and safeguard your money. When in doubt, always verify suspicious messages and bank communications at BharatSecure.app — your trusted partner in fighting digital fraud.