Retired Government Employee Duped of ₹13 Lakh by Cyber Con Artists — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated Jun 08, 2026

Severity: Medium | View Full Scam Details

Retired Government Employee Duped of ₹13 Lakh by Cyber Con Artists in India 2026: A Phishing Alert

In 2026, phishing frauds continue to target retired government employees in India, with one recent case involving the alleged loss of over ₹13 lakh.

What Is the Retired Government Employee Duped of ₹13 Lakh by Cyber Con Artists?

This scam involves fraudsters targeting retired government officials by impersonating trusted government or financial institutions to steal large sums of money—often ₹10 lakh and above. Such victims are specifically chosen because they are likely to have steady pension deposits and savings in their bank or mutual fund accounts.

Phishing remains one of the leading cybercrime methods in India, and retired government employees are reportedly vulnerable due to their reliance on digital communication for pension-related updates, Aadhaar-linked bank accounts, and frequent use of Unified Payments Interface (UPI). According to complaints reported to CERT-In and the Indian Cyber Crime Coordination Centre (I4C), the scam is growing, with numerous cases involving fake OTP requests and fraudulent KYC links.

While RBI and CERT-In have issued general advisories against phishing and UPI-related scams, recent case reports highlight this emerging pattern exploiting the trust in official channels to dupe senior citizens out of their life savings.

How This Scam Works — Step by Step

1. Initial Contact via Call or WhatsApp: The fraudsters call or WhatsApp the retired employee, posing as officials from pension departments, banks, or government schemes like the Employees’ Provident Fund Organisation (EPFO).

2. Creating Urgency: The caller claims there is an issue with the pension deposit, Aadhaar linkage, or bank account verification that needs immediate attention to avoid service disruption.

3. Phishing Link or OTP Request: The victim is asked to click on a WhatsApp or SMS link to “verify” their details or share an OTP (One-Time Password) sent to their phone, purportedly for authentication.

4. Fake KYC or Verification Form: Upon clicking the link, which mimics official government or bank websites, the victim enters sensitive data such as Aadhaar details, bank account numbers, UPI IDs, and sometimes even passwords or CVV numbers.

5. Fund Transfer Through UPI or Net Banking: Using the collected information, the fraudsters initiate unauthorized UPI transfers or net banking transactions. They may also perform SIM swap scams to intercept OTPs and authorize transfers.

6. Victim Realizes Loss: The victim notices large unauthorized withdrawals—often crossing ₹10 lakh—and reports the issue, but by then, funds are mostly gone or routed through multiple accounts to evade tracing.

Real Warning Signs to Watch For

• Unexpected Calls Claiming Official Status: Calls from unknown numbers claiming to be from government pension offices or banks without prior notice.

• Urgency and Pressure Tactics: Insistence on immediate action, threatening pension stoppage or legal action.

• Requests for OTP Sharing: Asking for confidential OTPs received on phone—officials never require you to share these.

• Suspicious Links in SMS/WhatsApp: Links that don’t exactly match official government or bank websites or use unusual URLs.

• Poor Grammar or Spelling in Messages: Messages or calls full of errors are a red flag.

• Requests for Personal Data: Asking for Aadhaar number, bank PIN, CVV, or passwords during calls or chats.

• Unsolicited KYC or Verification Forms: Out-of-the-blue requests to update or verify information with links or attachments.

What Happens to Victims

Victims suffer severe financial loss, often wiping out pension savings meant for retirement. Given the scale—₹13 lakh and more in reported cases—recovery is complicated by the digital nature of the theft.

Emotionally, victims experience distress and loss of trust in digital platforms. Many hesitate to use UPI or internet banking again, which disrupts their financial independence. The misuse of Aadhaar can lead to further identity theft risks, complicating legal and administrative remedies. Additionally, SIM swap attacks allow fraudsters to block victims from receiving future OTPs, delaying detection.

What RBI and CERT-In Say

The Reserve Bank of India (RBI) has issued repeated advisories warning users against sharing OTPs and personal banking credentials with anyone. RBI alerts emphasize that banks or pension authorities never ask for passwords, PINs, or OTPs over calls or messages.

CERT-In also highlights phishing as a top cyber threat, especially targeting senior citizens. Their guidelines urge vigilance against suspicious links and stress the importance of verifying any communication claiming to be official through trusted channels.

The Indian Cyber Crime Coordination Centre (I4C) runs the 1930 helpline, advising citizens to report such fraud attempts promptly for timely intervention. Both RBI and CERT-In recommend regular monitoring of bank statements and UPI transactions to detect unauthorized activity early.

How to Protect Yourself

1. Never Share OTPs or Internet Banking Credentials: Remember, legitimate officials will never ask for these.

2. Verify Caller Identity Independently: If you get suspicious calls, hang up and contact the bank or pension office directly using known phone numbers.

3. Avoid Clicking Unfamiliar Links: Only log in to banking or government sites via official websites or apps, not through forwarded messages.

4. Enable UPI Transaction Limits and Alerts: Use RBI’s mandated UPI daily limits and SMS alerts to monitor transactions in real time.

5. Beware of Pressure Tactics: Take time to verify any urgent requests, especially those threatening service disruption.

6. Use Official Government Portals for Updates: For pension or Aadhaar-related matters, always use official government portals or visit the office in person if uncertain.

7. Report Suspicious Activity Promptly: Contact your bank and the 1930 cybercrime helpline immediately if you suspect fraud.

What to Do If You've Been Targeted

• Immediately Contact Your Bank: Request them to block your accounts or UPI IDs to prevent further losses.

• File a Police Complaint: Visit your local cybercrime police station with all relevant communication and transaction details.

• Report to I4C via Cybercrime.gov.in: Use the national cybercrime reporting portal to file an online complaint.

• Call the 1930 Cybercrime Helpline: For guidance on next steps and preventive measures.

• Freeze Aadhaar-linked Services Temporarily: Use UIDAI’s official website to lock or verify your Aadhaar services.

• Change Passwords and Enable Two-Factor Authentication: On all banking and related accounts.

Frequently Asked Questions

Q: Can the bank reverse fraudulent UPI transactions?
A: RBI guidelines allow for the reversal of unauthorized transactions in certain cases, but time is critical. Victims should report immediately, though recovery is not guaranteed.

Q: How can I identify phishing messages related to pension or Aadhaar?
A: Genuine messages will come from official IDs and websites. Avoid clicking on unknown links and verify messages by contacting official helplines.

Q: What should I do if I accidentally shared my OTP?
A: Immediately inform your bank to block transactions, change passwords, and report to cybercrime authorities to increase chances of stopping fraud.

Verify any suspicious calls or messages at BharatSecure.app and report fraud attempts at the 1930 cybercrime helpline without delay.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.