What to do if I received an unexpected message about my Aadhaar-linked mobile number change?

Immediately report it to 1930 and check with your bank about any unauthorized changes. Also, review your Aadhaar logs.

How do I identify if I am a victim of Aadhaar mobile hijacking?

Look for unauthorized OTP requests, unexpected loan alerts, or strange authentication attempts in your DigiLocker.

How can I report this Aadhaar mobile hijacking scam in India?

You can report the scam through the cybercrime helpline 1930 or file a complaint at cybercrime.gov.in.

What steps should I take to recover money after being a victim of this scam?

Contact your bank immediately for assistance, report the fraud, and file a police complaint while documenting everything.

Aadhaar Mobile Hijacking at CSC Centers

Verdict: Suspicious | Risk Score: 9/10 | Severity: critical

Category: UPI, KYC, OTP

How Aadhaar Mobile Hijacking at CSC Centers Works

Overview: A new wave of digital fraud targets Indian citizens by manipulating Aadhaar-linked mobile numbers through Common Service Centers (CSCs) — local government-authorized kiosks meant for public services. Scammers illegally change your mobile number linked to Aadhaar, redirecting authentication messages and OTPs without your knowledge. This threatens both your identity and bank accounts, potentially leading to large unauthorized loans or total financial loss. Victims generally include regular citizens, especially those unfamiliar with digital security, and those in urban and semi-urban regions where CSCs are common. How It Works: Fraudsters approach a CSC — sometimes colluding with a corrupt operator, or exploiting poor verification practices. Using stolen or phished Aadhaar information, they initiate a request to update the linked mobile number. Aadhaar's authentication may be simulated using compromised biometrics or forged documents. The new number, controlled by the scammer, is added to your Aadhaar file. With this access, they intercept OTPs and use your identity to open, takeover, or loan from banks and digital services like DigiLocker. India Angle: In India, this scam has surged due to wide use of Aadhaar across government and financial services. CSCs, present in almost every district [ADDRESS_REDACTED]. UPI, DigiLocker, and Aadhaar-linked bank accounts are the main targets. Typical victims are urban and semi-urban residents who have linked Aadhaar to multiple services but seldom monitor authentication histories. Cities like Ahmedabad have seen notable cases, though it can happen across India. Real Examples: A victim receives a message: “Your Aadhaar mobile number has been modified as per your request. If this was not you, contact support immediately.” Confused, the person checks their DigiLocker app and sees failed logins. Days later, they are alerted to a loan application processed in their name. In another case, a victim finds their phone disconnected, then discovers unauthorized transactions from their bank. Red Flags: - Sudden alerts about changes to your Aadhaar-linked mobile number. - Receiving OTPs or authentication prompts you didn't request. - Notifications from DigiLocker or bank apps about new devices. - Loan approvals, account statements, or bank messages for services you never requested. - Unusual activity in the Aadhaar Authentication History. Protective Measures: - Regularly check your Aadhaar Authentication History on the myAadhaar portal/app. - Immediately lock your Aadhaar biometrics online; unlock only for trusted, in-person use. - Stay alert for all Aadhaar, DigiLocker, or bank notifications. Never ignore any message about changes to your mobile number. - Never share Aadhaar or OTP details, even with people posing as government officials. - Report suspicious activity immediately at 1930, cybercrime.gov.in, and to the RBI as needed. If Victimised: - Secure your Aadhaar by locking biometrics and changing any linked information if possible. - Report identity theft to 1930 and register a complaint at cybercrime.gov.in. - Inform your bank and financial providers to freeze your accounts or halt suspicious transactions. - Consider filing a police FIR for further legal proceedings. Related Scams: - SIM swap attacks, where fraudsters port your mobile number to a new SIM for intercepting OTPs. - Fake KYC update calls requesting Aadhaar details, then misusing them for financial fraud. - Unauthorized DigiLocker or banking app access via phished credentials.

How This Scam Works — Detailed Explanation

Scammers are exploiting the vulnerabilities of Aadhaar-linked mobile numbers through Common Service Centers (CSCs). These centers, which are meant to facilitate access to public services, have become hunting grounds for criminals looking to hijack identities. Scammers target unsuspecting citizens, often approaching them under the guise of helping them with Aadhaar services or financial assistance. They may utilize social engineering techniques via WhatsApp or SMS to create a sense of urgency, convincing individuals to share their details. Once personal information is obtained, these fraudsters can impersonate the victim and request a change in the mobile number associated with their Aadhaar account directly from the CSC.

The tactics employed by these scammers are cunningly deceptive. They might create fake documents or use stolen credentials to request a mobile number change at a CSC, claiming it is for a legitimate reason, such as an administration update. The psychological manipulation is significant; people are often confused about the legitimacy of these demands and are misled by seemingly official communication channels. The use of urgency, like claiming the Aadhaar account will be blocked if not updated, plays heavily on victims' fears. Victims are led to believe they are receiving a valid service, all while scammers work to complete the hijack.

Once the mobile number is successfully changed, the implications for victims can be severe. They may start noticing unauthorized OTP requests while attempting to access their DigiLocker or online banking services. For instance, if a victim lives in Bengaluru and recently applied for a loan from HDFC Bank, they might receive unexpected notifications about loan approvals or transactions they did not authorize. This could escalate to the opening of new loans or credit lines under their name, leading to severe financial stress. Moreover, victims might receive alerts from the bank about large transactions they never initiated, often amounting to several lakhs of rupees, sending them into a panic.

The scale of this issue is staggering. In recent reports from CERT-In, it is indicated that the total losses from Aadhaar-related scams could reach into the hundreds of crores in India, with the Ministry of Home Affairs indicating an over 50% increase in such fraud cases over the last year. Victims are left facing not only financial losses but also a long, arduous recovery path involving police complaints, bank investigations, and emotional distress. For example, one victim lost ₹25 lakh in loans they were unaware of in a case reported in Mumbai. Such stories are becoming increasingly common, stressing the urgent need for awareness and prevention strategies.

To distinguish between legitimate communications and scams, monitor your Aadhaar authentication logs closely for any unusual activity and remain vigilant for unexpected messages about changes to your linked mobile number. While legitimate communications from financial institutions or government services are typically clear and direct, these scams thrive on ambiguity and often urge you to act quickly or share sensitive data. Look for signs such as unusual language or pressure to provide information immediately. Always verify the identity of individuals requesting changes in your account manually, even if the communication appears genuine.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Aadhaar Mobile Hijacking at CSC Centers Target?

General public across India

Red Flags — How to Identify Aadhaar Mobile Hijacking at CSC Centers

Unexpected message about Aadhaar-linked mobile number change
Unknown authentication attempts or OTPs on DigiLocker
Loan approval or bank transaction alerts for unknown activity
Unrecognized entries in Aadhaar authentication logs

What To Do If You Encounter Aadhaar Mobile Hijacking at CSC Centers

Report the incident immediately to the cybercrime helpline at 1930.
Change your Aadhaar and bank account passwords without delay.
Contact your bank's helpline (e.g., HDFC 1800-202-6161) to inform them of potential fraud.
Check your Aadhaar authentication logs for any unrecognized entries.
File a complaint on cybercrime.gov.in to document the fraud.
Alert your contacts about potential phishing attempts using your information.

How to Report Aadhaar Mobile Hijacking at CSC Centers in India

Call 1930 — National Cyber Crime Helpline (24x7)
File a complaint at cybercrime.gov.in
Contact your bank immediately if money was lost
Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I received an unexpected message about my Aadhaar-linked mobile number change?: Immediately report it to 1930 and check with your bank about any unauthorized changes. Also, review your Aadhaar logs.
How do I identify if I am a victim of Aadhaar mobile hijacking?: Look for unauthorized OTP requests, unexpected loan alerts, or strange authentication attempts in your DigiLocker.
How can I report this Aadhaar mobile hijacking scam in India?: You can report the scam through the cybercrime helpline 1930 or file a complaint at cybercrime.gov.in.
What steps should I take to recover money after being a victim of this scam?: Contact your bank immediately for assistance, report the fraud, and file a police complaint while documenting everything.

Related Scams in India

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.