Fake Google Anniversary Reward Scam — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 28, 2026

Severity: MEDIUM | View Full Scam Details

Beware in 2026: Fake Google Anniversary Reward Scam Targets Indians with Fake Lottery Prizes

A widespread cyber lottery scam in India uses fake Google anniversary rewards to trick users into sharing personal data, leading to financial loss and identity theft.

What Is the Fake Google Anniversary Reward Scam?

The Fake Google Anniversary Reward Scam is a high-risk fraud targeting internet users in India by claiming they have won a prize celebrating Google’s anniversary. Victims receive unsolicited messages—often through WhatsApp, SMS, or email—featuring official-looking Google logos and polished designs to make the communication appear genuine. These messages promise cash rewards, gift vouchers, or smartphones to lure people into clicking links or submitting personal information.

This scam exploits the trust Indian users have in Google as a globally recognized brand. It disproportionately affects those who regularly use smartphones and digital payment services like UPI and online banking. Cybercrime reports indicate a rising number of incidents across multiple states, with some victims losing significant sums through unauthorized bank transactions or data misuse.

While no specific advisory targets this exact scam, the Indian Computer Emergency Response Team (CERT-In) and the Indian Cybercrime Coordination Centre (I4C) have repeatedly warned against phishing attempts and fraudulent lottery messages involving fake brand impersonations. The Reserve Bank of India (RBI) has emphasized not sharing OTPs or bank details with unknown contacts to prevent financial losses.

How This Scam Works — Step by Step

1. Initial Contact: The victim receives a message via WhatsApp, SMS, or email claiming to be from Google, congratulating them on winning an anniversary reward. This message includes compelling graphics and a countdown timer creating urgency (“Claim within 15 minutes!”).

2. Link to Fake Website: Clicking the provided link directs the victim to a counterfeit website designed to look like an official Google page. This site often requests sensitive information such as Aadhaar number, mobile number, bank account details, or even Google account login credentials.

3. Data Entry and Verification: The victim is asked to fill in forms or complete simple “verification” tasks, such as entering an OTP or sharing personal details supposedly to confirm the reward.

4. Exploitation: Once personal data is shared, fraudsters may misuse Aadhaar details for unauthorized KYC updates or SIM swaps. Bank details and login credentials can enable them to initiate fraudulent UPI transfers or debit funds directly.

5. Financial Loss: Victims may notice unauthorized debits from their bank accounts or receive alerts of new SIM activations. In many cases, the damage is irreversible, causing loss of money and loss of control over digital identities.

Real Warning Signs to Watch For

• Messages claiming you’ve won a prize without prior participation or registration.
• Urgent countdown timers pressuring you to act immediately.
• Links with strange or misspelled URLs pretending to be official Google domains.
• Requests for sensitive personal data like Aadhaar number, bank details, passwords, or OTPs.
• Communications coming from unknown or unofficial phone numbers or emails.
• Poor grammar, spelling mistakes, or generic greetings instead of your name.
• Offers that sound too good to be true — large cash prizes or electronic gifts for free.

What Happens to Victims

Victims of this scam often suffer both financially and emotionally. Unauthorized UPI transactions can drain savings as reversals through banks or NPCI often fail once fraud occurs. Misuse of Aadhaar details risks identity theft, leading to fraudulent loans or subscriptions. SIM swaps enabled by data leakage can cause permanent loss of mobile access, cutting off two-factor authentication for important accounts.

Apart from monetary loss, many targeted users report stress, anxiety, and mistrust towards legitimate digital services, impacting their willingness to use online payments and digital IDs confidently.

What RBI and CERT-In Say

The Reserve Bank of India continuously advises never to share OTPs, debit card PINs, or UPI PINs with anyone, including people claiming to be from tech companies. It also recommends reporting suspicious calls or messages immediately to your bank’s fraud department.

CERT-In has issued warnings against phishing and fake lottery scams, urging users in India to verify the authenticity of any prize notification through official channels only. The Indian Cybercrime Coordination Centre (I4C) operates the 1930 helpline, where victims can report cyber frauds including phishing and data theft.

How to Protect Yourself

1. Ignore unsolicited messages claiming lottery wins or rewards from companies like Google you didn’t engage with.
2. Never click on links or buttons in suspicious WhatsApp, SMS, or emails; instead, visit official websites directly.
3. Do not share personal information such as Aadhaar number, bank account details, passwords, or OTPs in response to prize claims.
4. Check the sender’s contact carefully—official companies do not use random phone numbers or email addresses.
5. Avoid giving Google account credentials or any login details on third-party websites.
6. Use UPI apps with added protection features, such as transaction alerts and biometric authentication.
7. Report any suspicious activity or communication to the 1930 cybercrime helpline and your bank without delay.

What to Do If You’ve Been Targeted

• Immediately contact your bank to block or freeze your accounts connected to the compromised data.
• Change passwords for your Google account and any associated email or banking apps.
• Report the incident to the police or file a complaint online at cybercrime.gov.in.
• Call the 1930 National Cybercrime Helpline to seek expert assistance and guidance.
• Inform your mobile service provider if you suspect SIM swap or unauthorized SIM activation.
• Monitor your bank statements and credit reports regularly for any unusual transactions.
• Stay alert for follow-up phishing attempts, as fraudsters may try to exploit the same victim again.

Frequently Asked Questions

Q: How can I verify if a Google reward message is legitimate?
Official Google rewards or promotions never arrive unsolicited via WhatsApp or random SMS. Always check Google’s official website or contact their verified support channels to confirm any offers.

Q: I shared my Aadhaar number on the scam site; can fraudsters misuse it?
Yes, leaking your Aadhaar can lead to identity theft, unauthorized KYC updates, or SIM swaps. If this happens, report to UIDAI and monitor for any unauthorized changes to your Aadhaar details.

Q: Is it possible to get my money back if I paid through UPI to scammers?
UPI payments are often irreversible in fraud cases once successful. RBI advises immediate reporting to your bank and the cybercrime helpline to explore possible remedies, but prevention is crucial.

If you receive suspicious messages claiming lottery wins or rewards, verify them at BharatSecure.app before clicking any links or sharing data. To report fraud or take quick action, dial the 1930 cybercrime helpline.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.