Fake PM-Kisan Portal Login Scam — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 29, 2026

Severity: HIGH | View Full Scam Details

Beware the Fake PM-Kisan Portal Login Scam in India 2026: Protect Your UPI and Aadhaar Details

A growing number of farmers and citizens in India are falling victim to a sophisticated Fake PM-Kisan Portal Login Scam that targets UPI payments and WhatsApp users seeking government subsidies.

What Is the Fake PM-Kisan Portal Login Scam?

This scam involves fraudsters creating deceptive websites that look almost identical to the official PM-Kisan portal, a government platform offering financial aid to farmers under the PM-Kisan Samman Nidhi scheme. The scam primarily targets farmers and rural users actively trying to access subsidy-related information or payments. By mimicking the real portal’s interface, these fake websites try to trick victims into entering sensitive details such as Aadhaar number, mobile number, UPI PIN, and bank account credentials.

According to public complaints received by cybercrime authorities and warnings issued by CERT-In (India’s Cyber Emergency Response Team), these scam websites often spread through WhatsApp forwards, Facebook posts, and SMS messages. The fake sites sometimes even appear on the first page of search engine results when users search for PM-Kisan subsidy updates, increasing the likelihood of victimization. This scam has become widespread across various Indian states, especially in rural areas where digital literacy levels vary.

Authorities including the RBI and I4C (Indian Cyber Crime Coordination Centre) have raised alarms over these fake portals due to the high risk of financial loss, identity theft linked with Aadhaar misuse, and UPI-related fraud.

How This Scam Works — Step by Step

1. Initial Contact: A victim receives a WhatsApp message, Facebook link, or SMS claiming to provide easy access to PM-Kisan subsidy updates or payment status. The message includes a URL that looks similar to the official PM-Kisan government site.

2. Fake Website Access: The victim clicks the link and lands on the cloned PM-Kisan portal requesting login credentials – typically Aadhaar number, registered mobile number, and sometimes OTP verification. The site may also ask the user to “verify” their UPI or bank account tied to their Aadhaar.

3. KYC and UPI Details Capture: To confirm eligibility, the fake portal asks the victim for sensitive information such as their Aadhaar number, bank account details, UPI ID (for example us**@bank), and even the UPI PIN under the guise of "authorization".

4. WhatsApp Link for Verification: The scammer often instructs victims to send an OTP or payment link via WhatsApp to "activate" or "unlock" subsidy payments. This is typically disguised as part of a KYC or validation step.

5. Funds Transfer or Data Theft: With the UPI PIN and bank details, fraudsters initiate unauthorized UPI transactions draining money directly from the victim’s bank account. If Aadhaar details are compromised, the fraud can involve misuse of sim swap or identity theft for other financial frauds.

6. Disappearance and Account Block: Once enough money is siphoned off, the victim notices failed transactions or missing subsidies. Attempts to log back into the real PM-Kisan portal fail due to changed credentials or SIM blocked by scammers.

Real Warning Signs to Watch For

• URLs that do not end with “gov.in” or official PM-Kisan domain but closely resemble it.
• Requests for UPI PIN or full bank account details, which genuine government portals never ask.
• Messages asking you to send OTPs or payment authorizations on WhatsApp instead of proper RBI-authorized apps.
• Urgency or pressure to complete “verification” steps quickly to avoid subsidy cancellation.
• Poor grammar, spelling mistakes, or unusual layouts on the website claiming to be government.
• Unsolicited messages from unknown numbers or forwards from unverified contacts.
• Search results showing suspicious websites ranked above official government links.

What Happens to Victims

Victims often suffer immediate financial losses due to unauthorised UPI debits from their linked bank accounts. Unlike credit card chargebacks, UPI transactions are authorised instantly and cannot always be reversed, leaving victims with blocked funds. In many cases, the Aadhaar details leaked through these scams lead to SIM swap related fraud, allowing scammers to intercept OTPs for further fraud. The psychological impact on financially vulnerable farmers can be severe, causing distrust of digital payments and government schemes.

Recovering stolen funds can be a long, complicated process involving bank complaints, police reports, and cybercrime investigations. Some victims also end up locked out of their own government subsidy accounts due to changed passwords or compromised credentials.

What RBI and CERT-In Say

The Reserve Bank of India (RBI) regularly cautions users about sharing UPI PINs or OTPs with anyone — including on unofficial portals or WhatsApp. CERT-In has issued advisories warning about fake government portals used for phishing Aadhaar, bank, and UPI details.

The National Cyber Crime Reporting Portal supported by I4C recommends never entering personal or financial information on websites received via unsolicited messages. They urge users to verify URLs carefully and register complaints for incidents via cybercrime.gov.in or the national helpline 1930.

How to Protect Yourself

1. Always access the PM-Kisan portal by typing the official URL directly (pmkisan.gov.in) or via verified government channels only.
2. Never share your Aadhaar number, UPI PIN, OTP, or bank details on links received through WhatsApp, SMS, or social media forwards.
3. Verify any subsidy message by calling your bank’s official helpline or the PM-Kisan toll-free number.
4. Use RBI-approved UPI apps and avoid authorizing payments through third-party websites.
5. Check website URLs carefully for “.gov.in” domain and avoid sites with suspicious domain extensions or misspellings.
6. Update your smartphone with latest security patches and use app permission settings wisely.
7. Report suspicious messages immediately to 1930 helpline and file a complaint at cybercrime.gov.in.

What to Do If You’ve Been Targeted

• Contact your bank immediately to block or freeze your bank account and UPI ID.
• Report the unauthorized transactions to your bank’s grievance cell and request a UPI transaction reversal if possible.
• File a cybercrime complaint on the national portal at cybercrime.gov.in providing details of the fake portal and correspondence.
• Register a complaint with the 1930 national cybercrime helpline for assistance and guidance.
• Change passwords for your Aadhaar-linked services and check your mobile SIM status with your telecom provider to guard against sim swap fraud.
• Inform family or farmer community groups to alert others about this scam and prevent further victimization.

Frequently Asked Questions

Q1: How can I tell if a PM-Kisan portal website is genuine?
Always check if the website has the official .gov.in domain and access it only through verified government links. Avoid clicking on forwarded WhatsApp or social media URLs.

Q2: Can the bank reverse money lost through this scam on UPI?
UPI payments are instant and authorized by your PIN; reversals depend on the bank’s policies and the specifics of the case. Report quickly to your bank and cybercrime authorities for the best chance.

Q3: What should I do if I mistakenly submitted my Aadhaar and UPI details on a fake site?
Immediately contact your bank to block UPI transactions, report the incident to cybercrime portals, and monitor your accounts for unauthorized activity. Also inform your telecom provider to check for SIM swap fraud.

For any suspicious message or portal related to PM-Kisan or government subsidies, always verify at BharatSecure.app and report fraud to the 1930 cybercrime helpline.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.