Digital Identity Theft by Relatives — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated Jun 10, 2026

Severity: High | View Full Scam Details

Digital Identity Theft by Relatives in India 2026: A Hidden Danger for Elders

Digital identity theft by relatives is an alarming uptrend in India where family members exploit trust to steal personal data, often leading to serious financial loss.

What Is the Digital Identity Theft by Relatives?

Digital identity theft by relatives involves trusted family members—often adult children, nephews, or other close kin—misusing their access to an elder relative’s sensitive personal information. This mode of fraud is particularly concerning because it happens within the family circle where trust typically deters suspicion. In a rapidly digitalising India, where services like UPI, digital loans, and online banking are essential, elders are increasingly targeted for their Aadhaar, PAN, and bank details.

According to reports received by CERT-In and complaints lodged with the Indian government's cybercrime reporting portal, such incidents are growing, especially in metropolitan and urban areas where digital transactions are common. The scam exploits the KYC (Know Your Customer) frameworks embedded in financial services, further complicating detection and prevention. The Indian government and agencies like RBI and I4C have repeatedly warned about safeguarding KYC credentials, especially from those you trust implicitly.

How This Scam Works — Step by Step

1. Initial Approach: A relative, often known and trusted by the elder, asks for Aadhaar, PAN, or bank details under the pretense of helping with digital payments, loan applications, or completing KYC formalities on apps.

2. Establishing Trust: The relative might use WhatsApp or calls to request these details casually, making the request appear urgent but harmless—as if they only want to “help” set up UPI or verify mobile number SIM linking.

3. Extracting OTPs: After collecting initial credentials, the relative asks for OTPs or PINs sent via SMS or WhatsApp to authenticate transactions or complete loan processing steps.

4. Unauthorized Transactions: Using the gathered information and OTPs, the caller initiates financial transactions, often transferring money from UPI-linked accounts, taking digital loans in the elder’s name, or applying for credit cards.

5. Disappearance of Funds: Funds may be moved rapidly to other accounts or used to pay off fake loans, leaving victims with depleted balances and a complex recovery path.

6. Delayed Detection: Elders often realize the theft only when bank statements show unexplained debits or loan defaults appear against their credit record, making it tough to dispute.

Real Warning Signs to Watch For

• A relative suddenly taking an unusual interest in your Aadhaar, PAN, bank, or UPI information.
• Requests to share OTPs or PINs over WhatsApp, call, or SMS—especially if urgent or persistent.
• Unexplained loan application forms or bank messages for accounts not opened by you.
• Sudden changes or requests to link mobile numbers with Aadhaar or bank accounts without your full understanding.
• Notifications from the bank or RBI about transactions you did not authorize.
• Relatives avoiding clear answers when asked about how they will use your personal data.
• Pressure tactics or emotional appeals to “just share now” for quick help with payments or government schemes.

What Happens to Victims

Victims, especially elderly people, face not only immediate financial loss but also emotional distress. In the Indian context, once a UPI transaction is authorized with OTP, it is nearly impossible to reverse without significant proof. Scam victims can suffer long delays in bank refunds due to procedural bottlenecks. Misuse of Aadhaar and PAN can lead to identity linked loan defaults, harming credit scores and causing harassment from recovery agents. A SIM swap, sometimes executed by the relative too, can block victims from receiving OTPs, making recovery even harder.

This betrayal deeply impacts family trust and often leaves elders wary of further digital transactions or seeking help, playing into the fraudsters’ hands.

What RBI and CERT-In Say

The Reserve Bank of India (RBI) has alerted customers multiple times to never share OTPs or PINs with anyone, even known family members. RBI helplines like 1800-111-555 and the cybercrime reporting portal (www.cybercrime.gov.in) provide support for victims.

CERT-In advises users to safeguard Aadhaar and PAN, not share digital KYC documents casually, and only approve transactions through official banking apps. The Indian government’s Integrated Cyber Crime Coordination Centre (I4C) reinforces awareness around identity theft and encourages filing complaints through the 1930 cybercrime helpline for swift action.

How to Protect Yourself

1. Never share OTPs or PINs: OTP is your digital signature—do not share it, even with family.
2. Limit sharing sensitive info: Provide Aadhaar or PAN details only to verified government or financial institutions.
3. Use official apps for KYC: Never let others do digital KYC on your behalf.
4. Verify suspicious requests: Call your bank or financial service provider directly if a relative asks for KYC help.
5. Set alerts: Enable SMS and email alerts for all transactions linked to your accounts.
6. Use multi-factor authentication: Add extra layers of security wherever possible.
7. Keep your mobile secured: Use SIM lock/PIN and avoid giving your phone to others unrestricted.

What to Do If You’ve Been Targeted

• Immediately contact your bank’s fraud prevention desk to block transactions and freeze suspicious activity.
• Report the incident at the national cybercrime portal (cybercrime.gov.in) or call the 1930 cybercrime helpline.
• Lodge a complaint with your local police cybercrime cell explaining the misuse by a known relative.
• Contact UIDAI to flag any Aadhaar misuse and request a lock on your biometric data if necessary.
• Monitor your credit bureau report regularly and dispute unauthorized loans or credit cards.
• Inform RBI through its customer helpline about identity theft or digital fraud on your financial accounts.

Frequently Asked Questions

Q: Can a family member legally access my Aadhaar or bank details for KYC?
A: No. Aadhaar and bank KYC details are sensitive personal data protected by law and should only be shared with authorised entities with your full knowledge. Sharing with relatives for convenience may lead to misuse.

Q: What if I already shared OTP with a relative?
A: Immediately report the incident to your bank and block your accounts to prevent further loss. Change all linked passwords and notify cybercrime authorities.

Q: How can I confirm if my digital identity has been stolen?
A: Look out for unexplained financial transactions, messages about loans you didn’t apply for, or KYC completion alerts from your bank, UIDAI, or financial institutions.

If you receive suspicious messages or calls about your digital identity, verify it promptly at BharatSecure.app and report fraud via the 1930 helpline.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.