Fake electricity bill leads to cyber fraud, SBI ordered to pay refund — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 26, 2026

Severity: MEDIUM | View Full Scam Details

Fake Electricity Bill Scam in India 2026: How Cybercriminals Trick You & SBI Ordered to Refund Victims

Millions of Indians face a new phishing scam in 2026 where fake electricity bills lead to cyber fraud, causing financial loss and distress.

What Is the Fake Electricity Bill Leads to Cyber Fraud Scam?

This cyber fraud involves scammers sending counterfeit electricity bills to unsuspecting users across India. These fake bills often appear on WhatsApp, SMS, or email, closely mimicking authentic bills issued by local electricity boards—complete with logos, meter numbers, and account details. The intent is to deceive recipients into paying these bogus bills through what looks like legitimate payment methods such as UPI QR codes or links.

Scammers target a broad range of electricity consumers — from regular households to small businesses — leveraging the widespread dependence on electricity bills. Given that electricity is an essential monthly expense, victims generally pay without suspicion. This scam has affected various states, with increasing complaints reported to Indian cybercrime authorities. In a landmark development, the State Bank of India (SBI) was ordered by the Consumer Disputes Redressal Commission to refund money lost by victims who inadvertently paid through fake payment portals linked to SBI UPI IDs.

The RBI and CERT-In have issued advisories reminding consumers to verify bill payment sources before making any transactions, highlighting the growing threat of phishing scams exploiting everyday necessities.

How This Scam Works — Step by Step

1. Fake Bill Delivery: The scam starts when you receive a message on WhatsApp, SMS, or email containing a “new electricity bill.” The message looks official—often carrying the logo of your regional electricity board (like Tata Power, BSES Delhi, or BESCOM in Bangalore).

2. Bill Details & QR Code: The fake bill includes your consumer number, due date, and an urgent payment notice. A UPI QR code or a clickable link is added, appearing to be a trusted payment gateway.

3. Victim Clicks Link or Scans QR: Believing the bill is authentic, the victim either scans the QR code using Google Pay, PhonePe, or BHIM app or clicks the payment link.

4. Payment Goes to Fraudster’s Account: Instead of paying the utility provider, the money is transferred to the scammer’s UPI-linked bank account or wallet. The portal or UPI ID may impersonate legitimate bank identifiers like those of SBI or HDFC.

5. No Confirmation & Follow-up Attempts: The real electricity board never receives payment, so they may send reminders. Meanwhile, the scammer has already cleared the victim’s account.

6. Victim Realizes Loss: After unsuccessful attempts to check bill status or pay again, victims realize money has vanished. Contacting the bank or utility company often leads to delays or confusion.

Real Warning Signs to Watch For

• Unexpected or unusually high electricity bill notifications outside your billing cycle.
• Messages or bills with spelling mistakes, poor grammar, or wrong logos.
• Payment links or QR codes that do not redirect to official utility websites or known UPI apps.
• WhatsApp messages from unknown or new numbers claiming to be your electricity provider.
• Lack of contact details or official email addresses from the utility company.
• Urgent payment requests threatening disconnection or penalty without prior notice.
• Receiving multiple similar reminders or bills for the same month.

What Happens to Victims

Victims of this scam suffer financial losses ranging from hundreds to several thousand INR, depending on the fraudulent amount transferred. Since UPI payments are instant and irreversible, recovering funds is challenging. Additionally, victims face emotional stress due to disrupted electricity supply if utilities suspend services for non-payment. Some cases also involve misuse of Aadhaar or SIM swapping to intercept OTPs or transaction SMS, making it easier for scammers to clear accounts without user consent.

Victims often struggle with the slow redressal process and may incur additional losses while trying to secure their bank accounts and identities. The fear of digital fraud also reduces trust in digital payments and online communication channels, which are essential for India’s growing digital economy.

What RBI and CERT-In Say

The Reserve Bank of India (RBI) has continuously warned consumers about phishing scams targeting banking and payment apps like UPI. RBI’s recent circulars stress verifying payment requests before authorizing transactions. CERT-In (Indian Computer Emergency Response Team) maintains updated advisories on phishing, urging citizens to avoid clicking on suspicious links or scanning unknown QR codes.

The Ministry of Home Affairs also runs the I4C (Indian Cyber Crime Coordination Centre), providing a helpline at 1930 to report cybercrimes, including payment frauds. RBI has a dedicated helpline number for banking frauds — customers can reach out to their banks immediately for blocking compromised accounts or UPI IDs.

How to Protect Yourself

1. Verify Bills Directly: Always check your electricity bill on the official website or app of your utility provider before making payments.

2. Avoid Clicking Random Links: Never trust payment links or QR codes sent unsolicited via WhatsApp or SMS.

3. Use Official Apps: Make bill payments only through verified apps like your electricity board’s app, BHIM UPI, or your bank’s official app.

4. Inspect Messages Carefully: Look out for spelling errors, logo discrepancies, and sender details.

5. Set UPI PIN and Enable Alerts: Protect your UPI transactions by safeguarding your PIN and enabling transaction alerts via SMS or email.

6. Update Phone Security: Regularly update your smartphone OS and security patches to prevent malware that could intercept payments or OTPs.

7. Report Suspicious Messages: Forward suspicious electricity bill messages to the utility provider’s helpline or BharatSecure.app for verification.

What to Do If You’ve Been Targeted

1. Immediately Contact Your Bank: Freeze or block your payment instruments (UPI, debit/credit card) immediately.

2. File a Cybercrime Complaint: Visit cybercrime.gov.in to report the incident or call the 1930 cybercrime helpline.

3. Report to Electricity Board: Inform your electricity provider of the fake bill and pending payments.

4. Change Your UPI PIN: Reset UPI or online banking passwords.

5. Check Aadhaar & SIM Status: Contact your mobile operator to secure your SIM and check for any unauthorized activity.

6. Keep All Evidence: Save screenshots, messages, and payment receipts for official use.

7. Seek Legal Help: If needed, approach consumer courts, as SBI was ordered to refund victims in a recent case.

Frequently Asked Questions

Q: Can I get my money back if I paid a fake electricity bill by mistake?
A: It’s difficult but not impossible. Report immediately to your bank and the electricity board. Banks like SBI have been ordered to refund victims if negligence is proven, but timely action is critical.

Q: How can I check if an electricity bill message is genuine?
A: Cross-verify by logging into your utility provider's official website or app. Do not rely solely on messages or links sent through WhatsApp or SMS.

Q: What should I do if I receive an electricity bill message from an unknown number?
A: Do not click any links or scan codes. Contact your electricity provider’s official helpline to verify the message’s authenticity.

Don’t let scammers trick you with fake bills! Always verify suspicious messages before you pay. Stay alert and protect your money by checking every payment request on BharatSecure.app.