Fake Refund via Remote Access — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 30, 2026

Severity: HIGH | View Full Scam Details

Beware of the 2026 Fake Refund via Remote Access Scam in India: Protect Your UPI and WhatsApp

Fake refund scams using remote access tools have become a top cyber threat in India in 2026, targeting everyday users of UPI and WhatsApp with alarming frequency.

What Is the Fake Refund via Remote Access?

The Fake Refund via Remote Access scam involves fraudsters posing as representatives of trusted banks, popular e-commerce platforms, or payment apps. They contact victims through phone calls or WhatsApp messages, claiming that a refund is being processed for a recent purchase or transaction. The catch? They urgently request the victim’s cooperation to "finalize" this refund, usually by asking the victim to install remote access software on their phone or computer.

This scam specifically targets Indians who frequently use Unified Payments Interface (UPI) for online transactions or shop on popular e-commerce websites. With India’s rapid digital payment growth and increased online shopping due to government push for digital India, cyber fraudsters have stepped up such schemes. According to complaints reported to cyber authorities like CERT-In and I4C, these scams have caused significant financial losses across multiple states. The Reserve Bank of India (RBI) and CERT-In have urged users to exercise caution and avoid sharing sensitive information or device access in any unsolicited communications.

How This Scam Works — Step by Step

1. Initial Contact: The victim receives a WhatsApp message or a phone call allegedly from their bank or a major e-commerce platform. The message often states something like:
   “We are processing a refund for your recent order but need information from you to finalize it.”

2. Creating Urgency: The caller claims the refund is time-sensitive, warning:
   “You must respond within 30 minutes, or the refund offer will be canceled.” This rush pressures victims to comply quickly.

3. Request for Remote Access: The caller asks the victim to install a remote access app (like AnyDesk or TeamViewer) to "help verify identity" and "process the refund faster." They guide the victim through downloading and setting up the app on their smartphone or PC.

4. Gaining Control: After connecting, the fraudster uses remote control to access UPI apps, bank accounts, or digital wallets. They may request Aadhaar details or OTPs (One-Time Passwords) under false pretenses, leading to unauthorized transactions.

5. UPI Fraud: The scammer initiates fake UPI transactions, draining the victim’s bank account. Victims unaware of the remote access misuse cannot stop the transfer in time, as UPI transactions are nearly instantaneous and irreversible once completed.

6. Cutting Communication: Once money is transferred, the scammer abruptly ends the call and stops responding, leaving the victim helpless and confused.

Real Warning Signs to Watch For

• Calls or messages claiming urgent refunds and requesting immediate action.
• Requests to install remote access or teamviewer-type apps from unsolicited contacts.
• Pressure tactics insisting on quick compliance or threatening loss of refund.
• Requests for sharing OTPs, UPI PINs, Aadhaar number, or bank credentials.
• Phone calls from numbers not listed as official helpline numbers of banks or e-commerce companies.
• Messages containing poor grammar or informal language disguised as official communication.
• Unsolicited messages on WhatsApp from unknown or masked numbers.

What Happens to Victims

Victims lose significant amounts of money from their bank accounts as fraudsters siphon funds using UPI or other digital payment methods. Since UPI transactions cannot be reversed once authorized, fund recovery is difficult—even with help from banks.

Victims often face emotional distress and loss of trust in digital payments. In some cases, Aadhaar misuse alongside SIM swap fraud has led to amplified identity theft, further complicating recovery efforts. Indian law enforcement agencies report a sharp rise in cases involving fraudsters exploiting remote access scams, disproportionately affecting older people and those less familiar with digital tools.

What RBI and CERT-In Say

The Reserve Bank of India regularly advises users never to share UPI PINs, OTPs, or passwords, and to beware of unsolicited calls offering refunds or technical help. RBI emphasizes that "refunds or compensations" are rarely processed by phone from banks and should always be verified through official bank apps or websites.

CERT-In, India’s national cyber security agency, has warned about the dangers of installing and permitting remote control apps to unknown callers. The government-backed Indian Cyber Crime Coordination Centre (I4C) encourages victims to report scams swiftly and use the 1930 cybercrime helpline for immediate assistance.

How to Protect Yourself

1. Do not install remote access apps on request from unknown callers or unsolicited messages.
2. Verify calls independently: Contact your bank or e-commerce platform using official numbers.
3. Never share OTP, UPI PIN, Aadhaar details, or passwords over phone or WhatsApp.
4. Enable UPI transaction alerts and monitor bank statements regularly.
5. Use official apps directly for refunds or transaction checks — do not follow links or QR codes from messages.
6. Beware of messages promising urgent refunds or compensation.
7. Register complaints quickly if you suspect fraud to improve chances of recovery.

What to Do If You’ve Been Targeted

1. Immediately block the caller and uninstall remote access apps.
2. Contact your bank or UPI app customer service to freeze or block transactions.
3. Change all relevant passwords and PINs and unlink any suspicious devices.
4. Report the scam to your local police cyber unit or file a complaint at cybercrime.gov.in.
5. Call the 1930 cybercrime helpline for guidance on next steps.
6. Inform your mobile network provider in case of suspected SIM-related fraud.
7. Alert BharatSecure.app with scam details to help spread awareness.

Frequently Asked Questions

Q: Can I get my money back if I fall victim to this scam?
A: Recovering money lost through UPI scams is very challenging because UPI transactions finalize within seconds. However, quickly reporting the fraud to your bank and cybercrime authorities can increase chances of action, though full refunds are rare.

Q: Is it safe to share my Aadhaar or bank details over a call for refund purposes?
A: No. Legitimate banks or e-commerce platforms will never ask for your Aadhaar, passwords, UPI PINs, or OTPs over unsolicited calls or messages. Sharing these details can lead to identity theft and fund loss.

Q: How can I verify if a refund message or call is genuine?
A: Always cross-check directly with your bank or the e-commerce platform using official contact details available on their websites or apps. Do not rely solely on caller ID or WhatsApp messages as they can be faked.

For any suspicious or potentially fraudulent messages or calls, verify immediately on BharatSecure.app and report scams by calling the 1930 cybercrime helpline.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.