From Bazooka to Fake Nikes — How to Identify & Stay Safe

Severity: MEDIUM | View Full Scam Details

From Bazooka to Fake Nikes Scam in India 2026: A New Wave of Phishing Frauds Targeting Job Seekers and Shoppers

The "From Bazooka to Fake Nikes" scam is a growing phishing fraud in India, where scammers impersonate businesses on platforms like WhatsApp and LinkedIn to trick people into losing money or personal data.

What Is the From Bazooka to Fake Nikes?

This scam involves fraudsters creating fake online identities that look like legitimate companies, mainly targeting job seekers and online shoppers in India. "From Bazooka to Fake Nikes" is not a single company but a term highlighting how scammers impersonate diverse brands—from well-known sportswear brands like Nike to smaller local businesses—using their logos and names illegally. The scam's widespread nature has alarmed many users, especially younger job seekers who frequently use LinkedIn and WhatsApp to find employment or deals.

Scammers often mimic the HR departments of reputed firms on LinkedIn or customer service handles on WhatsApp, sending fake job offers or product discount messages. Victims in India from metros to smaller cities report losing thousands of rupees via UPI payments or sharing sensitive details like Aadhaar numbers and bank OTPs, which lead to SIM swap frauds and unauthorized transactions.

Authorities like CERT-In (Indian Computer Emergency Response Team) and the Indian government’s I4C (Indian Cyber Crime Coordination Centre) have issued advisories on impersonation and business phishing scams. While there is no specific advisory naming this scam by "From Bazooka to Fake Nikes," the pattern fits into RBI and CERT-In warnings about frauds exploiting social media and messaging apps for phishing and social engineering.

How This Scam Works — Step by Step

1. Initial Contact via Social Media or Messaging: Fraudsters create fake LinkedIn profiles posing as HR executives of popular companies or set up WhatsApp numbers to impersonate brand customer support. They usually send connection requests or contact users via messages with enticing offers or job openings.

2. Building Trust Using Official Branding: They use stolen logos, company letterheads, and “official” business card designs to appear genuine. This includes providing links to look-alike websites or digital forms.

3. Engaging the Victim: For job seekers, scammers ask for sensitive documents like scanned Aadhaar cards, PAN cards, or bank details under the guise of background verification or salary processing. For shoppers, they promote fake deals on branded products like Nike shoes, requiring advance payment via UPI or net banking.

4. Payment and Data Theft: Victims make payments to fraudsters’ bank accounts or UPI IDs. In some cases, OTPs sent for transaction confirmation are shared unknowingly. Fraudsters then use this data to initiate unauthorized transactions or conduct SIM swap attacks.

5. Disappearing After Payment: Once the money is received, scammers cut off all communication. Victims realize they have been duped when job offers don’t materialize or the products never arrive.

Real Warning Signs to Watch For

• LinkedIn profiles with few connections but claiming to be HR or company officials.
• Messages urging urgent payments via UPI or Google Pay.
• Poor grammar and spelling mistakes in supposedly official communication.
• Requests for sensitive documents like Aadhaar and PAN through WhatsApp or email.
• Links directing to unofficial or look-alike websites with different URLs.
• Offers that seem “too good to be true,” like brand-new Nike shoes at 70% discount.
• Lack of verifiable company email addresses (e.g., no official domain, just Gmail or Yahoo IDs).

What Happens to Victims

Victims often face direct financial loss, with amounts ranging from a few thousand to lakhs of rupees. Unlike bank frauds protected under RBI guidelines, UPI transactions are instantaneous and mostly irreversible, meaning victims cannot get refunds easily. Furthermore, Aadhaar misuse can lead to identity theft, affecting loan applications or credit card approvals without the victim’s knowledge.

If scammers get hold of OTPs or execute SIM swaps, victims lose control over their phone numbers, locking them out of banking apps or digital wallets. This causes emotional distress, anxiety, and time-consuming recovery processes involving multiple agencies.

What RBI and CERT-In Say

RBI has long warned against sharing OTPs, PINs, or passwords with anyone and advises customers to transact only via official apps or bank portals. It urges vigilance against phishing links and cautions users about fake profiles impersonating bank officials or company representatives.

CERT-In’s advisories frequently mention phishing through social media and messaging apps as a “high risk” cybercrime in India’s digital ecosystem. The government’s 1930 cybercrime helpline is dedicated to assisting victims of such frauds, and users are encouraged to report suspicious activities immediately.

How to Protect Yourself

1. Verify Profiles: Always cross-check LinkedIn or WhatsApp contacts by confirming their official company email or calling the company helpline.
2. Never Share OTP or PIN: Keep all transaction-related information strictly private.
3. Use UPI App Security Features: Set transaction limits and enable app-specific passwords.
4. Avoid Clicking Unknown Links: Don’t open links from unsolicited messages or public groups.
5. Check URLs Carefully: Official websites have a secure HTTPS protocol and recognizable domain names.
6. Inspect Offers Closely: If a deal feels too good or comes from an unknown source, double-check before acting.
7. Report Suspicious Messages: Use BharatSecure.app to verify messages or profiles before responding.

What to Do If You've Been Targeted

• Immediately block the contact or profile that reached out.
• Report the fraud to the 1930 cybercrime helpline or file a complaint on cybercrime.gov.in.
• Inform your bank and UPI app support about unauthorized transactions and request blocking of accounts or IDs if necessary.
• Change your Aadhaar-Linked mobile or banking security settings, and notify the UIDAI if your Aadhaar details were compromised.
• Visit your nearest police station with evidence to register an FIR, as police action can help trace fraudsters.
• Monitor your bank statements and credit reports regularly for unusual activity.

Frequently Asked Questions

Q: How can I be sure if a LinkedIn job offer is genuine?
A: Verify the person’s email address to see if it matches the company’s official domain, look for consistent job listings on the company’s official website, and avoid offers that require payments upfront or sharing sensitive personal documents through messaging apps.

Q: Can I get my money back if I paid through UPI to a scammer?
A: Most UPI payments are instant and irreversible. While banks do investigate fraud complaints, recovery is often difficult unless the scammers’ accounts are frozen quickly. Always notify your bank immediately to increase chances of recovery.

Q: What should I do if someone asks for my Aadhaar through WhatsApp for a job?
A: Avoid sending Aadhaar or any government ID over WhatsApp or social media. Legitimate companies usually have secure HR portals and will never pressure you to share such details via informal channels.

If you receive suspicious messages or offers related to job recruitment or online shopping, always verify before responding. Check questionable messages at BharatSecure.app to protect yourself from scams like "From Bazooka to Fake Nikes." Stay alert, stay safe!