Fake USCIS Email Domains (Phishing) — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 28, 2026

Severity: HIGH | View Full Scam Details

Beware in 2026: Fake USCIS Email Domains Phishing Targeting Indians Planning US Visas

Many Indians hoping to work or study in the United States face a new digital threat—fraudulent emails pretending to be from the United States Citizenship and Immigration Services (USCIS). These fake emails use misleading domains to steal personal data and money.

What Is the Fake USCIS Email Domains (Phishing)?

This scam involves fraudsters sending emails that appear to come from USCIS, the official US government agency responsible for immigration and visa matters. However, instead of using legitimate USCIS email domains like @uscis.gov, these emails come from common and unrelated services such as @gmail.com or @yahoo.com. The fake emails often falsely claim urgent visa or immigration issues requiring immediate attention.

The scam mainly targets Indians who are working, studying, or planning to travel to the US—the group most likely to receive genuine USCIS communications. Reports from cybercrime forums and victim complaints indicate this phishing method has grown in India since 2024, exposing many to risks of identity theft and financial loss.

In India, regulatory bodies like CERT-In and the Indian Cybercrime Coordination Centre (I4C) have repeatedly warned the public about phishing scams impersonating foreign government agencies. The Reserve Bank of India (RBI) also alerts users to verify unexpected transaction requests, especially those coming via email links.

How This Scam Works — Step by Step

1. Initial Contact by Fake Email: The victim receives an unsolicited email claiming to be from USCIS. The email address is suspicious—coming from something like uscis.update@gmail.com instead of an official USCIS domain.

2. Urgent and Alarmist Message: The email states that the recipient’s visa application or immigration status has an urgent problem, such as expiration, missing documents, or fees due. The message pressures the victim to act quickly.

3. Link to Fake Website: The email contains links directing the victim to a fake website that looks very similar to the official USCIS portal. The victim is asked to enter detailed personal information such as passport details, Aadhaar number, or even login credentials.

4. Harvesting Personal Information: Once information is submitted, scammers collect it to commit identity theft or sell it on dark web forums.

5. Request for Payment or Bank Details: Sometimes, the fake site or subsequent emails ask the victim to pay fees via UPI IDs, bank accounts, or international money transfer apps. These payments go directly to fraudsters.

6. Loss of Control and Funds: If victims fall for the scam, they lose money via fraudulent bank transfers or UPI payments, and their confidential data can be misused for SIM swap frauds or new loan applications in their name.

Real Warning Signs to Watch For

• Email address ending with free email providers (like @gmail.com, @yahoo.com) instead of official USCIS domains (@uscis.gov).
• Poor grammar, spelling errors, and awkward sentence structure in the email text.
• Urgent demands to act “within hours” or “immediately” to avoid visa cancellation.
• Links in emails leading to websites with suspicious URLs, differing slightly from the official USCIS site.
• Unsolicited emails without prior applications or contact with USCIS.
• Requests for payment via UPI, bank transfer, or payment apps, especially to unfamiliar IDs.
• Email attachments or links leading to pages asking for sensitive personal details like Aadhaar or passport copies.

What Happens to Victims

Victims of this scam often face both financial and emotional distress. The immediate loss could be money transferred via UPI apps or direct bank transactions hard to reverse once the scammer withdraws funds. Unlike payments through formal channels, UPI transfers do not have consumer protection for fraud once funds clear an account.

Additionally, sharing personal details like Aadhaar and passport numbers can lead to identity theft. Fraudsters may perform SIM swap scams using stolen mobile details, making it easier to bypass OTPs and steal more money or commit crimes in the victim’s name. The uncertainty and breach of privacy cause significant stress, especially for those already navigating visa challenges abroad.

What RBI and CERT-In Say

The Reserve Bank of India regularly advises customers to verify the authenticity of payment requests and avoid clicking unknown links in emails, particularly those asking for transfer approvals or sensitive data. RBI’s customer helpline can assist if unauthorized UPI transactions are suspected.

CERT-In and the Ministry of Home Affairs’ Indian Cybercrime Coordination Centre (I4C) have issued general advisories warning against phishing emails impersonating government bodies, urging citizens to look for official email domains and report suspicious messages promptly. The national cybercrime helpline 1930 is a key resource for reporting such scams and getting guidance on recovery steps.

How to Protect Yourself

1. Always verify the sender’s email domain. Genuine USCIS emails will end with @uscis.gov — never trust @gmail.com or similar.
2. Do not click on links or download attachments from unsolicited emails, especially if they claim urgent action on your visa.
3. Confirm visa status changes directly through the official USCIS website by manually typing the URL or using USPS or embassy portals.
4. Never share Aadhaar, passport numbers, or bank details via email or unfamiliar web forms.
5. If asked to pay fees, use only official USCIS payment channels; avoid UPI or bank transfers to unknown IDs.
6. Enable two-factor authentication (2FA) on email and bank accounts to prevent unauthorized access.
7. Regularly monitor UPI and bank transactions via mobile apps and link account alerts to your phone for instant updates.

What to Do If You've Been Targeted

• Immediately stop all communication with the sender and do not respond to further emails.
• Change passwords for your email, banking apps, and any US visa-related accounts to prevent account takeover.
• Contact your bank or UPI app provider to report suspected fraud and request blocking or freezing of accounts if necessary.
• File a cybercrime complaint on the government platform cybercrime.gov.in, detailing the scam and providing copies of emails or transaction records.
• Call the national cybercrime helpline 1930 for advice on immediate next steps and possible recovery options.
• Inform Aadhaar authorities if you suspect your Aadhaar details were compromised to check for misuse.
• Stay alert for any unexpected loan or SIM activation requests in your name and report them promptly.

Frequently Asked Questions

Q: How can I tell if an email really came from USCIS?
A: Official USCIS emails always use the domain @uscis.gov. If you receive messages from generic domains like @gmail.com or see spelling errors and urgent threats, it is likely a phishing attempt.

Q: What should I do if I clicked a link and entered my details?
A: Change your passwords immediately for email and financial accounts. Contact your bank to block suspicious transactions. File a complaint on cybercrime.gov.in and use helpline 1930 for assistance.

Q: Are UPI payments to unknown recipients reversible if I fell for this scam?
A: UPI transactions are generally irreversible once completed. The sooner you notify your bank after spotting suspicious transfers, the better the chances to prevent further losses.

If you receive suspicious requests claiming to be from USCIS or any foreign immigration authority, verify them first on BharatSecure.app. You can also report fraud by calling 1930 to help protect yourself and others in India.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.