Clickbait Phishing (Government Scheme Impersonation) — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team

Severity: CRITICAL

Beware in 2026: Clickbait Phishing Scam Masquerading as Government Schemes Targets Indians

Millions of Indians are at critical risk of losing money and personal data through fake government scheme alerts spread via WhatsApp and SMS.

What Is Clickbait Phishing (Government Scheme Impersonation)?

Clickbait Phishing (Government Scheme Impersonation) is a rapidly growing cybercrime in India where fraudsters trick people with fake alerts about popular government programs like PM Kisan Samman Nidhi, Ayushman Bharat health benefits, or LPG subsidy refunds. These scams exploit the trust Indians place in government initiatives, using urgent or attractive messages to lure victims into clicking malicious links.

This scam primarily targets everyday internet users, especially farmers, senior citizens, and people who are less comfortable with technology and who regularly engage with government schemes. Given the extensive reach of smartphones and WhatsApp in India, these phishing tricks have become widespread across rural and urban areas alike.

The Indian Computer Emergency Response Team (CERT-In) and the Indian government's I4C (Indian Cyber Crime Coordination Centre) have issued several advisories warning users to be cautious of unsolicited messages claiming to offer government grants or refunds. The Reserve Bank of India (RBI) has also alerted the public about fake links aiming to steal banking and UPI credentials.

How This Scam Works — Step by Step

  1. Initial Contact: A victim receives a WhatsApp message, SMS, or email stating urgent news such as “Your PM Kisan subsidy is expiring,” or “You are eligible for a new LPG subsidy refund.” The message usually contains a sense of urgency to trick the target into quick action.

  2. Clicking the Link: The scam message includes a link to a page designed to look like an authentic government website—often using similar logos, Hindi/English text, and official seals. The URL differs slightly from the real one but appears trustworthy at a glance.

  3. Entering Personal Data: Once the victim visits the fake site, they are asked to fill in sensitive information like Aadhaar number, bank account details, mobile number linked to UPI, OTPs (one-time passwords), or login credentials for net banking and payment apps.

  4. Data Theft and Misuse: The scam operators capture this data, giving them full access to the victim’s bank accounts, UPI apps, and Aadhaar-linked services.

  5. Financial Loss: Using the stolen data, fraudsters carry out unauthorized bank transfers, UPI payments, or even SIM swap attacks to drain the victim’s funds or make fraudulent transactions.

  6. Covering Tracks: Victims often realize the deception too late, as scammers can quickly change UPI PINs using the stolen information, making reversal of transactions extremely difficult.

Real Warning Signs to Watch For

What Happens to Victims

Victims often suffer immediate financial loss when scammers use stolen UPI credentials or net banking details to transfer money out of their accounts. In 2026, many Indians still rely heavily on UPI for daily transactions, and a compromised UPI ID can drain bank accounts in minutes. Unlike credit cards, these transactions are often irreversible once completed.

Beyond money loss, victims may face emotional trauma, anxiety, and loss of trust in genuine government communications. Furthermore, identity theft using leaked Aadhaar data can lead to long-term complications, including SIM swap frauds that enable criminals to intercept OTPs and access other sensitive accounts. Cases reported to the 1930 cybercrime helpline often mention the difficulty victims face in regaining financial stability or clearing their identities after such scams.

What RBI and CERT-In Say

RBI’s guidelines emphasize not sharing OTPs, UPI PINs, or banking passwords with anyone, highlighting that banks or government agencies will never ask for these details via SMS or WhatsApp. CERT-In advises users to verify government schemes directly from official portals and avoid clicking suspicious links, especially those that arrive unexpectedly on messaging platforms.

The Government of India’s I4C encourages people to report phishing messages promptly on the national cybercrime reporting portal cybercrime.gov.in. The 1930 cybercrime helpline is available to assist victims in freezing compromised accounts and filing official complaints.

How to Protect Yourself

  1. Verify Government Messages: Always check official government websites like pmkisan.gov.in or ayushmanbharat.gov.in before trusting any subsidy or grant-related message.
  2. Don’t Click Unexpected Links: Avoid clicking on URLs sent via WhatsApp or SMS claiming you are eligible for a refund or subsidy unless you initiated contact.
  3. Never Share OTP/UPI PIN: No government agency asks for OTPs, passwords, or PINs—do not disclose these under any circumstance.
  4. Check Website URLs: Genuine government websites end with “.gov.in”. Look carefully for subtle spelling changes or fake endings like “.com” or plain “.in” in place of “.gov.in”.
  5. Use Official Apps: Access government scheme information via authentic apps or portals rather than unknown third-party links.
  6. Keep Your Phone Secure: Activate SIM lock using PINs and regularly update mobile security software to prevent SIM swap fraud.
  7. Report Suspicious Messages: Forward phishing messages to BharatSecure.app or report on cybercrime.gov.in for quick action.
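
The URL check from step 4, written out as an added example (not BharatSecure's own code): it tests the link's actual host name, not text that merely appears somewhere in the link, against the “.gov.in” ending. The HTTPS requirement and the manual-check flag for internationalized names are assumptions added here, and the sample links are constructed.

```python
from urllib.parse import urlsplit

# Ending taken from the article's rule. Passing this check is necessary,
# not sufficient: it does not prove the page itself is legitimate.
OFFICIAL_SUFFIX = ".gov.in"

def check_scheme_link(url):
    """Return (ok, reason) for a link received by SMS, WhatsApp or email."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".").lower()
        userinfo = parts.username is not None or parts.password is not None
    except ValueError:
        return False, "malformed URL"
    if parts.scheme != "https":            # assumption added here
        return False, "not an https link"
    if userinfo:                           # https://real-name@other-host/
        return False, "text before '@' is not the site name"
    if not host:
        return False, "no host name"
    # Assumption added here: non-ASCII or punycode labels get a manual check,
    # since they can render like familiar letters.
    if not host.isascii() or any(lab.startswith("xn--") for lab in host.split(".")):
        return False, "internationalized host name, verify manually"
    # Compare the END of the host: the leading '.' in the suffix stops
    # 'pmkisan-gov.in' and 'pmkisan.gov.in.example.com' from matching.
    if not host.endswith(OFFICIAL_SUFFIX):
        return False, "host '%s' does not end with %s" % (host, OFFICIAL_SUFFIX)
    return True, "host '%s' ends with %s" % (host, OFFICIAL_SUFFIX)

# Constructed sample links (not taken from real messages).
SAMPLES = [
    "https://pmkisan.gov.in/",
    "https://pmkisan.gov.in.example.com/claim",
    "https://pmkisan.gov.in@example.com/refund",
    "https://pmkisan-gov.in/subsidy",
    "https://example.com/pmkisan.gov.in/login",
    "http://pmkisan.gov.in/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        ok, reason = check_scheme_link(link)
        print("OK  " if ok else "FLAG", link, "->", reason)
```

Only the first sample passes; the others are flagged because the real host is elsewhere, the ending is a look-alike, or the link is not HTTPS.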

What to Do If You've Been Targeted

Frequently Asked Questions

Q: How can I be sure a government scheme message is genuine?
A: Always verify government scheme-related claims by visiting official portals ending in “.gov.in” or using verified government apps. Avoid links sent in forwarded WhatsApp messages or SMS unless they come directly from government sources.

Q: What should I do if I accidentally clicked a fraudulent government scheme link?
A: Do not enter any information. If you have already submitted data, immediately change your banking passwords, contact your bank to block your account, and report the incident to the 1930 cybercrime helpline and cybercrime.gov.in.

Q: Can my bank reverse fraudulent UPI transactions conducted through phishing?
A: UPI transactions are generally instant and irreversible once authorized. RBI encourages reporting fraud early to banks and cyber authorities. While some banks may investigate, prevention and immediate action are the best safeguards.


Stay safe from these scams! Always verify suspicious messages and links related to government schemes at BharatSecure.app — India’s trusted platform to protect you from digital fraud.
