Digital Arrest and Fake Agency Impersonation — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 28, 2026

Severity: CRITICAL | View Full Scam Details

Beware in 2026: Digital Arrest and Fake Agency Impersonation Scam Spreading on WhatsApp in India

Scammers impersonating top Indian agencies like the CBI are targeting Whatsapp users with fake digital arrest threats — leading to financial loss and personal data theft.

What Is the Digital Arrest and Fake Agency Impersonation?

The digital arrest scam is a growing cybercrime pattern reported by victims across India. In this scheme, fraudsters contact individuals through WhatsApp messages or calls, claiming to be from reputed government law enforcement bodies such as the Central Bureau of Investigation (CBI), Enforcement Directorate (ED), or local police departments. Victims are falsely told they are under digital arrest due to alleged involvement in crimes ranging from money laundering to fraud.

This scam primarily targets internet users who actively share personal details on social media or use UPI and mobile wallets, as these fraudsters often collect data from leaked databases or public profiles. According to cybercrime complaints reported to Indian authorities, cases have surged in mid-2026, with victims spanning urban and rural areas, showing the widespread reach of this tactic.

Indian cybersecurity agencies like CERT-In and the Ministry of Home Affairs’ Indian Cyber Crime Coordination Centre (I4C) have issued warnings about such impersonation scams. The Reserve Bank of India (RBI) has also cautioned users against unauthorized digital transactions linked to fraudulent KYC (Know Your Customer) verification demands made by these imposters.

How This Scam Works — Step by Step

1. Initial Contact via WhatsApp or Call: The fraudster sends a WhatsApp message or a call claiming to be from CBI, ED, or local police, using a phone number that resembles an official line (e.g., +91 98XXXXXX12). The message or call often references an alleged case registered against the victim involving digital or financial fraud.

2. Creating Fear Through False Legal Threats: The alleged official informs the victim of a "digital arrest" or legal action, demanding immediate cooperation to avoid arrest or property seizure.

3. Request for KYC and Personal Details: The caller demands Aadhaar details, bank account numbers, or UPI IDs (e.g., us**@bank) supposedly to verify the victim’s identity and resolve the matter swiftly.

4. Sending Malicious Links or Asking for OTPs: Victims receive a link claiming to be from the agency’s "official portal", but in reality, it is a fake website designed to steal login credentials or infect the device with spyware.

5. Convincing Victims to Transfer Money: Using fear and urgency, scammers pressure victims to transfer money via UPI or bank transfer for “bail” or fines—funds often transferred to fraudulent accounts.

6. Continuous Harassment: After receiving money, scammers may continue calls demanding more payments or threaten to leak sensitive information if payments stop.

7. Loss Realization: Victims understand only after losing money or noticing suspicious banking activity and unauthorized UPI transactions.

Real Warning Signs to Watch For

• Messages or calls claiming urgent legal action or "digital arrest" without any prior notice.
• Caller IDs that mimic government agencies but come from personal or mobile numbers (not official landlines).
• Requests for Aadhaar details, KYC documents, or OTP codes via WhatsApp or phone.
• Links that direct you to non-governmental URLs with poor website design or incorrect domain names.
• Pressure to send money immediately via UPI, especially to unknown IDs (e.g., us**@bank).
• Lack of official documentation or no option to verify the claim through real government websites.
• Threats or harassment if you refuse to comply or delay responding.

What Happens to Victims

Victims face severe financial loss as money is transferred to untraceable accounts via UPI apps or net banking. Since UPI payments are usually instant and cannot be reversed easily, many complainants find it difficult to recover funds. Fraudsters may also misuse stolen Aadhaar information or KYC data to attempt SIM swaps or open fraudulent bank accounts in the victim’s name, leading to further identity theft or financial damage.

Beyond monetary loss, victims experience intense psychological stress due to the fear induced by fake legal threats. Reporting such incidents to local police or cybercrime cells becomes necessary but can be time-consuming, adding to the trauma.

What RBI and CERT-In Say

The Reserve Bank of India (RBI) has repeatedly warned users not to share OTPs, passwords, or Aadhaar details with unknown sources and cautions against clicking suspicious links received over social media or messaging apps. RBI’s advisory highlights the need for vigilance during any KYC update requests to avoid financial fraud.

CERT-In (Indian Computer Emergency Response Team) advises users to verify any official communication by independently contacting the agency through known official numbers and reporting suspicious messages to the government’s cybercrime reporting portal.

Indian Cyber Crime Coordination Centre (I4C) urges the public to immediately report such impersonation incidents through the national helpline 1930 and file complaints at cybercrime.gov.in to enable quicker action by authorities.

How to Protect Yourself

1. Do not respond to unsolicited legal notices via WhatsApp or calls, especially from unknown numbers.
2. Never share your Aadhaar, bank details, OTPs, or passwords over the phone or messaging apps.
3. Verify any claims of arrest or investigations by calling official agency numbers listed on government websites.
4. Avoid clicking on links that come via WhatsApp claiming to be from law enforcement agencies.
5. Enable UPI PIN protection and SMS transaction alerts on your mobile banking apps.
6. Regularly check your Aadhaar-linked bank accounts for unauthorized activity.
7. Report suspicious calls or messages to cybercrime.gov.in and call the 1930 helpline immediately.

What to Do If You’ve Been Targeted

If you have been contacted by scam callers alleging digital arrest:

• Do not transfer any money or share your personal details further.
• Immediately block the caller’s number on WhatsApp and your phone.
• Contact your bank to freeze your accounts or block UPI transactions, especially if you have shared details.
• File a complaint on the cybercrime.gov.in portal or visit your nearest police station with all evidence (call logs, WhatsApp chats).
• Call the national cybercrime helpline **1930 to report the incident and seek guidance.**
• Inform your mobile service provider if you fear SIM swap or Aadhaar misuse.

Frequently Asked Questions

Q: Can real government agencies arrest someone via WhatsApp or phone call?
A: No, official agencies like the CBI do not arrest or issue legal notices solely through WhatsApp or phone calls. They follow proper procedure with written notices and in-person communication.

Q: What should I do if I receive a message claiming I am digitally arrested?
A: Do not engage with the sender. Verify independently by contacting the agency through official channels and report the message to cybercrime authorities immediately.

Q: How can scammers use my Aadhaar if I share it?
A: Fraudsters can misuse Aadhaar details for identity theft, fake KYC to open bank accounts, apply for loans, or perform SIM swaps, causing long-term financial and privacy damage.

Stay alert! Always verify suspicious messages or calls claiming to be from government agencies at BharatSecure.app, and report fraud quickly by calling 1930.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.