Phishing Messages Impersonating PM-Kisan — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 29, 2026

Severity: HIGH | View Full Scam Details

Beware of PM-Kisan Phishing Messages on WhatsApp in India, 2026: Stay Alert to OTP Scams

Phishing messages impersonating the PM-Kisan scheme continue to target Indian farmers and citizens on WhatsApp, using fake OTP requests to steal money and personal data.

What Is the Phishing Messages Impersonating PM-Kisan?

This scam involves fraudulent WhatsApp messages claiming to be from the government’s PM-Kisan Samman Nidhi Yojana, which provides financial support to farmers. The scammers send messages promising early or additional payments under the PM-Kisan scheme and ask recipients to verify their Aadhaar or bank details by entering one-time passwords (OTPs). The goal is to trick victims into sharing their OTPs or clicking malicious links that can lead to financial theft or identity misuse.

This scam primarily targets farmers and rural citizens who expect benefits under the PM-Kisan scheme. However, it has spread widely across India, reaching even urban users through forwarded WhatsApp messages. According to public complaints reported to police and cybercrime cells, such messages have increased in frequency since early 2026. CERT-In and the Indian Cyber Crime Coordination Centre (I4C) have issued general warnings about phishing attempts related to government schemes but have not named this scam specifically yet. Given the severe financial implications, it ranks high on the cyber threat scale.

How This Scam Works — Step by Step

1. Initial WhatsApp Message: Victims receive a WhatsApp text claiming to be from PM-Kisan officials. The message says their payment under the scheme is ready or that additional funds are available. It urges them to act quickly to claim the money.

2. Fake Verification Link or OTP Request: The message includes a link to a fake website or prompts the user to share an OTP sent to their phone. Some messages request users to enter their Aadhaar number or bank account details.

3. OTP Harvesting: When users try to verify using the OTP, scammers either trick them into sharing the OTP or intercept it via SIM swaps or fake apps.

4. Money Transfer or Data Theft: Using the OTP, fraudsters access victims’ bank accounts linked to UPI or net banking and siphon off funds. Alternatively, they misuse Aadhaar details for identity theft or SIM re-registration.

5. Disappearance of Fraudsters: The scammers vanish, leaving victims unable to reverse the money transfer easily. Since UPI payments are instant and usually irreversible without cooperation, victims face substantial loss.

Real Warning Signs to Watch For

• Messages promising large PM-Kisan payments outside official timelines.
• WhatsApp texts asking for OTPs, Aadhaar numbers, or bank details.
• Links leading to unofficial websites with URLs unrelated to pmkisan.gov.in.
• Urgency or threats if the user does not respond immediately.
• Grammar mistakes or strange formatting in the message text.
• Requests for payment confirmation through UPI PIN or bank OTP.
• Messages coming from unknown or unsaved numbers instead of official government contacts.

What Happens to Victims

Victims often lose thousands of rupees from their bank accounts due to unauthorized UPI transactions. Since UPI payments are usually final, banks may find it hard to reverse the transfers without a police report. The misuse of Aadhaar details can lead to long-term identity theft problems, including fraudulent loan applications or SIM card duplications through the mobile service provider.

Victims face emotional stress from financial loss and the daunting process of filing complaints with cybercrime cells and banks. In rural areas, where many beneficiaries lack strong digital literacy, the impact is especially severe. The fear of losing government subsidies intended for livelihood support adds to the distress.

What RBI and CERT-In Say

The Reserve Bank of India (RBI) continuously advises users never to share OTPs or UPI PINs with anyone and stresses verifying payment requests independently. RBI’s framework on digital payments encourages secure UPI authentication and customer awareness to prevent phishing.

CERT-In has issued broad advisories warning against phishing and social engineering attacks via messaging apps like WhatsApp. The Indian Cyber Crime Coordination Centre (I4C) recommends reporting phishing messages to local police and using the 1930 cybercrime helpline for assistance.

Users are urged to rely only on official government portals such as pmkisan.gov.in and avoid clicking on links sent via WhatsApp or SMS claiming to offer PM-Kisan payments or benefits.

How to Protect Yourself

1. Never share OTPs, UPI PINs, Aadhaar, or bank details through WhatsApp or SMS links.
2. Verify any PM-Kisan payment status directly on the official website or through registered mobile numbers.
3. Ignore or delete messages that pressure you to act quickly or provide confidential information.
4. Enable UPI App locking features and biometric authentication for additional security.
5. Use the official PM-Kisan helpline numbers available on government websites to confirm messages.
6. Keep your phone’s software updated and install apps only from trusted sources like Google Play Store.
7. Report suspicious links or messages to WhatsApp and cybercrime authorities immediately.

What to Do If You’ve Been Targeted

1. Immediately block and delete the sender’s WhatsApp number.
2. Contact your bank to report unauthorized transactions and request a freeze or block on your account if needed.
3. File a complaint with your local police cybercrime cell or on cybercrime.gov.in.
4. Call the national cybercrime helpline at 1930 for guidance on recovery and complaint registration.
5. Change passwords, UPI PINs, and Aadhaar-linked mobile SIMs as a precaution.
6. Monitor your bank account regularly for suspicious debits or credits.

Frequently Asked Questions

Q: Can I trust WhatsApp messages claiming to be from PM-Kisan officials?
No. Official PM-Kisan communication is usually through registered phone numbers, SMS, or the official website. Beware of unsolicited WhatsApp messages, especially if they ask for OTPs or personal data.

Q: What should I do if I accidentally shared my OTP with someone?
Immediately contact your bank to block any transactions. Report the incident to cybercrime authorities via the 1930 helpline and file a complaint online. Change your PIN and passwords right away.

Q: How does sharing OTP lead to losing money?
OTPs are used to authenticate transactions like UPI payments or net banking. Fraudsters who get your OTP can approve money transfers without your consent, draining your account quickly.

If you receive suspicious WhatsApp messages about PM-Kisan or any government scheme, verify them first on BharatSecure.app and report fraud at the 1930 cybercrime helpline.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.