LPG KYC/Aadhaar Linking Threat Scam — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 27, 2026

Severity: HIGH | View Full Scam Details

Beware in 2026: LPG KYC/Aadhaar Linking Threat Scam Sweeping India

Many LPG consumers across India are under threat from a dangerous scam that tricks people into revealing their Aadhaar and KYC details — risking identity theft and financial loss.

What Is the LPG KYC/Aadhaar Linking Threat Scam?

The LPG KYC/Aadhaar Linking Threat Scam is a phishing and identity theft fraud targeting LPG consumers in India. It exploits the mandatory Aadhaar linking guidelines for LPG connections issued by the government and LPG providers like Indian Oil, Bharat Gas, and HP Gas. Scammers impersonate these official entities to pressure users into sharing sensitive information or clicking on malicious links.

This scam is increasingly widespread across urban and rural India, especially because millions still rely on SMS and WhatsApp for official communications. The scam surfaced prominently after announcements by the Ministry of Petroleum and Natural Gas about final deadlines for LPG KYC and Aadhaar linking, which fraudsters exploit to create a false urgency.

Authorities like the Indian Cyber Crime Coordination Centre (I4C) and CERT-In (Computer Emergency Response Team - India) have issued general advisories cautioning consumers to verify communications related to Aadhaar linking. RBI and other financial regulators have also reiterated cautions about phishing attacks that can lead to unauthorized bank or UPI transactions.

How This Scam Works — Step by Step

1. Initial Contact: Victims receive an SMS, WhatsApp message, or a call from a suspicious number claiming to be from their LPG provider. The message warns that their LPG connection will be disconnected soon unless Aadhaar and KYC are updated immediately.

2. Fake Threat: The message often cites recent government orders or uses official jargon to create panic — e.g., “Your LPG connection will be blocked by 31st March 2026 if Aadhaar is not linked.”

3. Malicious Link or Callback: A link is provided for “quick Aadhaar submitting” or “verification.” Clicking it leads to a lookalike website asking for Aadhaar numbers, OTPs, PAN, or KYC documents. Sometimes, a phone call tries to extract this information verbally.

4. Data Capture: Once victims enter this data, fraudsters steal their identity details, which can be used for bank fraud, new SIM card registrations, or UPI fraud schemes.

5. Financial Loss: Using stolen Aadhaar KYC, scammers can initiate unauthorized UPI payments or open fraudulent bank accounts, causing direct monetary loss. Victims often realize only after unauthorized transactions appear on their bank statements.

6. Service Disruption Fear: In rare cases, scammers may threaten non-payment or non-verification penalties to extract money upfront via fake payment requests or UPI handles.

Real Warning Signs to Watch For

• Message sender IDs or phone numbers do not match official LPG company contacts.
• Urgent threats of disconnection with strict, unrealistic deadlines.
• Requests for sensitive data like Aadhaar number, OTP, bank PIN, or PAN on messages or calls.
• Links that do not match the official LPG company or government domain (example: suspicious ".xyz" or ".info" sites).
• Calls or messages asking for UPI PIN or requesting money transfer to unknown accounts.
• Poor language, spelling mistakes, or generic greetings like “Dear Customer” instead of your registered name.
• Pressure tactics such as repeated calls or reminders within hours.

What Happens to Victims

Victims often suffer financial losses when fraudsters use stolen Aadhaar KYC to open bank accounts or register SIM cards in their names. This unauthorized access enables scammers to conduct fraudulent UPI transactions, siphoning off INR from victims’ accounts without their knowledge. Since UPI payments are instant and final, reversing them is difficult unless detected very early.

Emotionally, victims face stress and helplessness dealing with banks, LPG providers, and cybercrime authorities, especially in smaller towns with less awareness. The misuse of Aadhaar and identity documents also raises the risk of deeper long-term troubles like credit fraud or wrongful legal claims.

What RBI and CERT-In Say

RBI has issued several advisories cautioning users against sharing sensitive financial and KYC data over phone or messages. It emphasizes that no bank or LPG authorized agency will ever ask for your UPI PIN or OTP over calls or texts.

CERT-In promotes awareness about phishing attacks and urges users to verify the authenticity of any message received, especially those claiming urgent government or service provider actions.

The Indian Cyber Crime Coordination Centre (I4C) recommends reporting suspicious calls or messages promptly to the 1930 cybercrime helpline and registering complaints at cybercrime.gov.in. LPG companies have also released guidelines advising consumers to confirm any LPG-related alerts by directly contacting official customer care numbers.

How to Protect Yourself

1. Verify Official Channels: Always cross-check any LPG-related message/call with the official LPG company customer care or website before taking action.
2. Never Share OTPs or UPI PINs: Do not share any One Time Password (OTP) or UPI PIN with unknown callers or through links.
3. Avoid Clicking Unknown Links: Do not click on links received via SMS or WhatsApp regarding Aadhaar or KYC unless from an official source.
4. Use Official Apps: Submit Aadhaar linking only through verified LPG company apps or government portals like DigiLocker or the UIDAI website.
5. Enable Mobile Number and Aadhaar Linking Safeguards: Request your bank to add additional verification layers for transactions linked to your Aadhaar.
6. Monitor Bank and UPI Transactions Daily: Keep a close watch on your registered bank account and UPI payments for any unauthorized debits.
7. Register for DND (Do Not Disturb): Block promotional and unknown senders to reduce phishing message risks.

What to Do If You've Been Targeted

1. Immediately contact your bank and explain the situation. Request them to block or freeze any suspicious accounts or cards.
2. Change your UPI PIN and other passwords linked to Aadhaar and LPG services.
3. File a complaint with your nearest cybercrime police station or online at cybercrime.gov.in.
4. Call the 1930 cybercrime helpline for guidance and support.
5. Inform your LPG provider’s official customer care to ensure your connection remains safe and report suspected scam attempts.
6. Update your mobile number with UIDAI and your bank if you suspect SIM swap fraud.
7. Keep all scam messages or call information as evidence to help investigations.

Frequently Asked Questions

Q1: Can LPG companies disconnect my connection immediately if Aadhaar is not linked?
No, LPG providers usually give ample time and multiple official reminders for Aadhaar linking. They will never threaten disconnection via SMS or calls without proper official communication.

Q2: How can I confirm if an Aadhaar linking message is legitimate?
Verify the sender ID, check the official URLs carefully, and call the official LPG company helpline numbers as listed on their websites before taking any steps.

Q3: What should I do if I accidentally shared my Aadhaar or OTP on a suspicious website?
Change your bank and UPI passwords immediately, inform your bank, file a cybercrime complaint online or with police, and monitor your accounts closely for unauthorized transactions.

Stay safe and vigilant against scams like the LPG KYC/Aadhaar Linking Threat Scam. If you ever receive suspicious messages or calls, verify them first at BharatSecure.app — your trusted guide to digital fraud awareness in India.