Aadhaar Phishing via Fake Support Calls

Verdict: Suspicious | Risk Score: 7/10 | Severity: high

Category: UPI, WhatsApp, KYC

How Aadhaar Phishing via Fake Support Calls Works

Overview: This scam targets Indian citizens with bank accounts by exploiting the importance of Aadhaar in verification. Fraudsters try to extract Aadhaar details pretending to resolve KYC or block account threats. If successful, they can use such info to perform unauthorized transactions, access other financial services, or even attempt SIM swaps. How It Works: Victims receive a call or WhatsApp message from someone claiming to be from a major Indian bank’s KYC team or support desk. The caller invents a story—perhaps your bank account or UPI will be frozen without an urgent Aadhaar ‘reverification.’ They coax you into sharing your Aadhaar number, OTP, or a scanned ID photo. In some versions, fake online KYC portals are promoted via links. With enough details, the scammer may trigger fraudulent account activity or facilitate SIM swaps for deeper account access. India Angle: The scam leverages the mandatory nature of Aadhaar and recent KYC update drives in Indian banking. It targets customers across both urban and semi-urban settings, especially older adults or those unfamiliar with digital banking norms. Real Examples: “Sir/Ma’am, this is HDFC KYC. Your Aadhaar is mismatched—please share now or your account will be blocked in 2 hours.” Or, “Click this link to complete e-KYC verification for bank continuity.” Red Flags: - Threats that your account will be ‘blocked’ without instant Aadhaar sharing. - Any request for Aadhaar/OTP over phone or WhatsApp. - Unofficial links for ‘verification’ instead of the official bank website/app. - Callers who can’t answer basic queries about your bank. Protective Measures: - Never disclose Aadhaar numbers, scanned copies or OTPs over phone or message. - Only update KYC via a branch or the official bank app/website. - Block/report calls/messages demanding urgent Aadhaar sharing. - Set phone to auto-reject unknown callers if you’re not expecting bank contact. If Victimised: Notify your bank and request a freeze on your account. Report fraud to 1930, cybercrime.gov.in, and contact UIDAI helpline for Aadhaar misuse support. Related Scams: - PAN card fraud for loan applications. - Fake RBI website phishing.

How This Scam Works — Detailed Explanation

Aadhaar Phishing via Fake Support Calls is a prevalent scam targeting Indian citizens who use UPI for transactions. Scammers often initiate contact through phone calls or WhatsApp messages, making it easy to reach potential victims. These fraudsters pose as representatives from major banks, exploiting the greater reliance on technology in financial transactions, especially post-demonetization. They often gather their information on victims through social engineering techniques, such as data mining social media platforms where users might have shared their phone numbers linked to bank accounts or Aadhaar. Additionally, they may set up call centers in regions with high phone call traffic to increase their chances of reaching a vulnerable audience.

To manipulate their victims, scammers employ various psychological tactics, creating an environment of fear and urgency. They may call, claiming that there is an issue with the victim's KYC processes or that the account is at risk of being blocked unless immediate action is taken. This could be communicating a fictitious deadline, pressing the victim to relinquish their Aadhaar details, or even pushing them to share OTPs under the pretense of completing verification. By instilling fear and urgency, the scammers effectively pressure the victims, causing them to act without thinking carefully about the situation. The use of the name of a reputable bank serves to bolster their credibility in the eyes of the victims.

Once victims become compliant, the consequences can be severe. If the victims provide their Aadhaar number, the scammers can process unauthorized transactions using their bank accounts. Victims often report losing substantial amounts; for instance, in 2022, it was reported that Indian citizens lost around ₹4,000 crore due to various scams related to KYC fraudulent requests, including Aadhaar phishing tactics. The fraud does not end with one instance—because they possess crucial personal information, scammers may further exploit the victim's data for SIM swaps or complete identity theft, opening avenues for deeper financial fraud.

The impact of such scams on the Indian populace is stark. According to the Ministry of Home Affairs (MHA), cyber fraud cases saw a significant rise, with a boost from shifting online banking practices, especially during the pandemic. Reports also indicate that the National Payments Corporation of India (NPCI) has been at the forefront of detecting and preventing these issues but can only do so much in a landscape rife with deception. Additionally, the Reserve Bank of India (RBI) continuously issues advisories to help customers safeguard their information, yet the number of individuals falling victim to these scams illustrates that resources are often insufficient to combat the dexterity of fraudsters.

To differentiate between these scams and legitimate bank communications, it is essential to be aware of the following cues. Legitimate banks typically do not demand personal information over the phone or through unsecured channels like basic WhatsApp messages. Official contacts would guide customers to their website or app, which means any link sent that does not lead there should be considered suspect. Furthermore, real bank representatives will never press clients to share OTPs over the phone. If a call or message seems alarming or demands information urgently, it is advisable to hang up and independently verify directly with the bank using official helplines like SBI at 1800-11-1109 or HDFC at 1800-202-6161.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Aadhaar Phishing via Fake Support Calls Target?

General public across India

Red Flags — How to Identify Aadhaar Phishing via Fake Support Calls

  • Urgent call demanding Aadhaar number or scan
  • Links for KYC/verification that aren’t on official site/app
  • Threat that account will be blocked same day
  • Suggestions to share OTP over phone

What To Do If You Encounter Aadhaar Phishing via Fake Support Calls

  1. Report the incident immediately at 1930 or cybercrime.gov.in for proper documentation.
  2. Contact your bank's customer care using official helpline numbers to report the call.
  3. Change your Aadhaar-linked account passwords to secure your information.
  4. Enable two-factor authentication on banking services to add an extra layer of security.
  5. Monitor your bank and UPI account transactions closely for unauthorized activity.
  6. Educate friends and family about this scam to prevent further victimization.

How to Report Aadhaar Phishing via Fake Support Calls in India

  • Call 1930 — National Cyber Crime Helpline (24x7)
  • File a complaint at cybercrime.gov.in
  • Contact your bank immediately if money was lost
  • Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my OTP in a UPI scam?
Immediately contact your bank's helpline, such as SBI 1800-11-1109, to secure your account and report the incident.
How can I identify this specific Aadhaar phishing scam?
Be cautious if the caller is asking for your Aadhaar number urgently or suggests that your account will be blocked without it.
How to report this type of scam in India?
You can report such scams at cybercrime.gov.in or call 1930 for immediate assistance.
How to recover money or protect accounts after this scam?
Promptly notify your bank to freeze any transactions and follow their procedures for reporting fraud to safeguard your funds.

Related Scams in India

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.