Delhi HC Seeks Framework to Curb UPI Frauds — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 17, 2026

Severity: HIGH | View Full Scam Details

Delhi HC Seeks Framework to Curb UPI Frauds in India — What You Must Know in 2026

UPI fraud is becoming one of India’s most alarming cybercrime threats, with millions losing money through clever scams exploiting trust and technology.

What Is the Delhi HC Seeks Framework to Curb UPI Frauds?

The Delhi High Court recently urged the central government and tech regulators to develop a robust framework to tackle the rising wave of frauds targeting India’s Unified Payments Interface (UPI). UPI has revolutionized digital payments since its inception, facilitating billions of transactions daily across banks and wallets. However, this convenience has also attracted cybercriminals aiming to defraud innocent users, especially those less tech-savvy.

This new call by the Delhi HC comes after alarming reports of rampant UPI fraud cases where victims lost lakhs of rupees due to deceptive tactics. These scams disproportionately affect middle-class Indians and senior citizens who rely heavily on apps like Google Pay, PhonePe, and BHIM for everyday transactions.

Authorities like the Reserve Bank of India (RBI), CERT-In (Indian Computer Emergency Response Team), and the Indian Cyber Crime Coordination Centre (I4C) have issued warnings, but the absence of a coordinated framework has allowed scammers to stay a step ahead. The court wants clear protocols for banks, payment service providers, and law enforcement to follow when UPI frauds occur, to ensure faster relief and stronger prevention measures.

How This Scam Works — Step by Step

1. Initial Contact via WhatsApp or Social Media: Scammers find victims through WhatsApp groups or Facebook, posing as bank representatives, payment app agents, or government officials offering “easy loans,” “instant cashback,” or “exclusive investment opportunities.”

2. Building Trust: The fraudster engages in casual chat, sharing fake documents, or using cloned profiles of genuine officials to lower the victim's suspicion.

3. Malicious App Link or OTP Request: Victims receive a link to install a fake banking or UPI app, which contains malware to steal personal data like Aadhaar details, debit card info, or UPI PINs. Alternatively, fraudsters ask victims to share an OTP received via SMS or call, deceptively claiming it’s for verification.

4. Social Engineering: Using fear or urgency, the fraudster convinces the victim to approve UPI payment requests or add them as a trusted contact, enabling unauthorized fund transfers.

5. Transaction and Money Transfer: The victim unknowingly authorizes multiple UPI transactions, often of thousands to lakhs of rupees, which the scammers quickly withdraw or transfer out.

6. Covering Tracks: Scammers may frequently change phone numbers, deactivate fake apps, or lure victims into silence with empty promises of refunds.

Real Warning Signs to Watch For

• Unsolicited WhatsApp or call messages offering loans, rewards, or “special offers” from unknown numbers.
• Requests to share OTPs received via SMS or calls — Never share OTPs.
• Links to download apps from unofficial sources instead of Google Play Store or App Store.
• Pressure or threats to complete payments quickly to avoid “penalties” or “account suspension.”
• Poor grammar and inconsistent language in messages posing as official bank communication.
• Being asked to add unknown contacts on payment apps or approve unknown payees.
• Notifications of multiple UPI payment requests you did not initiate.

What Happens to Victims

Victims often face devastating financial loss as UPI payments, once authorized, are tough to reverse unless caught early. Unlike credit card fraud, UPI debit transactions go directly from bank accounts, leaving victims without immediate protection. Furthermore, scammers sometimes misuse stolen Aadhaar data or perform SIM swap frauds to intercept OTPs, making recovery difficult.

The emotional toll is equally severe — victims feel betrayed, worried about their financial security, and frustrated by slow or ineffective support from banks. Many hesitate to report due to embarrassment, allowing the fraudsters to continue targeting others.

What RBI and CERT-In Say

The Reserve Bank of India has consistently warned users to keep their UPI PIN confidential, avoid sharing OTPs, and use only official apps for payments. The RBI’s grievance redressal portal and helpline provide dedicated support for victims of digital payment frauds.

CERT-In encourages users to report cyber fraud incidents to the national 1930 cybercrime helpline or local law enforcement, stressing timely reporting to limit damage. The Indian Cyber Crime Coordination Centre (I4C) works with stakeholders to monitor trends and strengthen collaboration between banks and cyber agencies.

Though no single advisory currently mandates a unified protocol to deal with UPI fraud victims, the Delhi High Court’s push aims to change this, recommending mandatory detection, swift compensation, and stronger preventive measures.

How to Protect Yourself

1. Never share your UPI PIN or OTP with anyone – not even bank officials.
2. Download payment apps only from trusted sources like Google Play or the Apple App Store.
3. Ignore unsolicited messages offering loans, cashback, or investment tips – verify independently.
4. Do not click on suspicious links or install unknown apps linked from WhatsApp or SMS.
5. Enable device security features like phone lock, app passwords, and biometric authentication.
6. Regularly check your bank and UPI transaction history for any unauthorized activity.
7. Report any suspicious calls, messages, or app behavior immediately to your bank and cybercrime authorities.

What to Do If You've Been Targeted

• Immediately block your UPI or bank app access using customer support or net banking.
• Contact your bank’s fraud helpline and request a transaction freeze or reversal.
• Report the fraud to the nearest cybercrime police station or through the National Cybercrime Reporting Portal at cybercrime.gov.in.
• Call the CERT-In 1930 helpline for guidance on protecting your device and data.
• File a formal complaint citing transaction details, identity proof, and communication records with the police and bank.
• Monitor your Aadhaar and other linked accounts for misuse; request blocking or updating where suspicious.
• Stay in touch with your bank till the issue is resolved; escalate to RBI if unsatisfied with response.

Frequently Asked Questions

Q: Can I recover money lost through UPI fraud?
A: Recovering money depends on how quickly you report the fraud. The RBI encourages banks to resolve complaints within 30 days, but reversals are not guaranteed if you shared your PIN or OTP willingly. Always report fraud immediately to increase chances of recovery.

Q: How does SIM swap affect UPI security?
A: SIM swap fraud lets scammers receive OTPs and calls meant for you, making it easier to approve UPI transactions. To prevent this, avoid sharing personal info and regularly contact your mobile operator to check for unauthorized SIM changes.

Q: If I receive a suspicious loan offer via WhatsApp, should I trust it?
A: No. Legitimate banks never send loan offers randomly or ask for OTPs or PINs via chat. Always verify offers directly through your bank's official channels before sharing any information.

Stay alert and verify suspicious messages or contacts at BharatSecure.app — your trusted partner against digital fraud in India. Protect your money, protect yourself!