Crypto Credential Harvesting Phishing Scam
Verdict: Suspicious | Risk Score: 7/10 | Severity: high
Category: WhatsApp, KYC, Phishing
How Crypto Credential Harvesting Phishing Scam Works
Overview: In the credential harvesting phishing scam, fraudsters send emails, SMSs, or WhatsApp messages designed to trick Indians into revealing their crypto exchange passwords, recovery phrases, or two-factor authentication codes. Using fake websites that closely mimic real exchange login pages, scammers steal sensitive login information, then drain victims’ wallets and accounts. Even those with technical know-how can fall prey if caught off guard. The losses are typically significant and occur rapidly after credentials are exposed.

How It Works:
Step 1: A scammer sends a message impersonating an exchange or a finance app, urging the victim to update KYC details or reset their password due to security concerns.
Step 2: The link in the message leads to a fake but convincing login page.
Step 3: When the victim enters account credentials and possibly even a two-factor authentication code, scammers instantly access the real account and steal available funds.
Step 4: Sometimes they lock the victim out by changing settings or initiating withdrawals.

India Angle: Indian victims receive these phishing attempts in Hindi, English, or regional languages, especially targeting cities with high crypto adoption (Bangalore, Pune, Mumbai, Hyderabad, Delhi). Many fraudulent websites use .in domain endings and mimic Indian exchange interfaces. Some emails even borrow legal or RBI-sounding language to sound serious and urgent.

Real Examples: A Pune user gets an SMS: 'Your CoinDCX account is at risk. Verify your wallet at coindcx-in.com now.' Another typical phishing attempt: 'Important: Complete your KYC update for continued access to WazirX Wallet. Click here.'

Red Flags:
- Links that look similar to real domains but have small spelling differences
- Messages warning of urgent action or account suspension
- Requests for recovery phrases or full account credentials
- Unusual sender details or poorly formatted emails

Protective Measures:
- Double check URLs by typing them directly, never from message links
- Never share seed phrases, passwords, or OTPs even if the message looks official
- Use official apps and update only through verified sources
- Enable and regularly change two-factor authentication settings

If Victimised:
- Immediately change affected passwords and activate security locks
- Contact your exchange’s real customer support
- Report the incident at 1930 and cybercrime.gov.in

Related Scams:
- KYC update phishing targeting bank and finance apps
- SIM swap fraud to intercept SMS OTPs for account takeovers
- Tech support scams demanding remote access to phones or laptops
How This Scam Works — Detailed Explanation
In recent months, the use of platforms like WhatsApp for phishing scams has surged, particularly concerning cryptocurrency. Scammers often target Indian users by first identifying individuals engaged in cryptocurrency conversations or groups. They may join these groups, gather insights into participants, and then initiate contact. Fraudsters send messages that appear friendly or informative, often masquerading as legitimate exchanges or crypto influencers. These messages can contain links purportedly leading to security updates or new features of a crypto exchange, tricking users into providing their vital credentials. Given India's rapidly growing interest in cryptocurrencies, scams leveraging WhatsApp are particularly effective, as many individuals lack awareness of the specific risks.
Scammers employ psychological tactics to create a sense of urgency and fear. They may leverage current events, claiming there has been a security breach that requires immediate action. Victims receive messages demanding urgent security updates or KYC (Know Your Customer) verifications that seem official but are not. Messages often ask for full passwords, recovery phrases, or one-time passwords (OTPs), tricking victims into believing they must comply to secure their assets. For example, a victim might receive a WhatsApp voice message from a contact claiming that a crypto exchange has lost customer data and that the victim must verify their identity at once, leading them to a fake website that closely resembles the actual exchange login page.
Once victims are lured into providing their information, the consequences can be severe. The fraudster may extract sensitive credentials through a phishing site and use them to drain the victim's crypto wallet. There are numerous documented cases in India where individuals have lost substantial amounts of money due to this scam. A notable incident involved a resident in Mumbai who, believing he was communicating with a representative of a well-known crypto exchange, lost approximately ₹50 lakh within a mere few hours, demonstrating the potential for massive financial losses. Many victims reported feelings of shock and betrayal, often leading to ongoing anxiety as they navigate financial instability.
The impact of crypto credential harvesting phishing scams in India is an alarming reality. Reports from CERT-In state that cryptocurrency-related scams have escalated, leading to cumulative losses exceeding ₹100 crore in 2023 alone. The Ministry of Home Affairs (MHA) has issued multiple advisories warning the public about these scams while the Reserve Bank of India (RBI) continuously reminds consumers about the risks associated with sharing sensitive information online. The virtual world remains perilous, especially with evolving scams, and awareness is crucial to safeguarding one's assets.
To distinguish between a scam and legitimate communication, users must scrutinize links before clicking; a common tactic in scams is the use of slightly misspelled URLs that mimic official sites. Genuine exchanges will never ask for full account credentials via WhatsApp, SMS, or email. Always double-check the sender’s email or contact number; messages from unlisted addresses should raise red flags. Furthermore, enable two-factor authentication to keep critical information secure, and verify any communication only through the exchange's official app or website. Awareness of the tactics used, along with skepticism, can be an effective shield against falling prey to these scammers.
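The link and wording checks described above can be automated for message triage. The following is an added example, not BharatSecure's code: the `OFFICIAL` allowlist, the keyword patterns and the function names are assumptions, and the only sample input is the SMS quoted on this page.

```python
import re

# Assumption: brand -> official domain, maintained by the defender.
OFFICIAL = {"coindcx": "coindcx.com", "wazirx": "wazirx.com"}
URGENCY = re.compile(r"\b(at risk|urgent\w*|immediately|suspend\w*|kyc)\b", re.I)
SECRETS = re.compile(r"\b(otp|password|seed phrase|recovery phrase)\b", re.I)
HOST = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)
# The SMS quoted in this page's "Real Examples".
SMS_FROM_PAGE = ("Your CoinDCX account is at risk. "
                 "Verify your wallet at coindcx-in.com now.")


def edit_distance(a, b):
    """Levenshtein distance, used to catch one- or two-character misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_host(host):
    """Return a reason string if host imitates an allowlisted brand, else None."""
    host = host.lower().rstrip(".")
    if any(host == d or host.endswith("." + d) for d in OFFICIAL.values()):
        return None  # the official domain or one of its subdomains
    squeezed = re.sub(r"[.-]", "", host)
    for brand, official in OFFICIAL.items():
        if brand in squeezed:
            return f"brand '{brand}' used outside {official}"
        if any(edit_distance(label, brand) <= 2 for label in re.split(r"[.-]", host)):
            return f"near-misspelling of '{brand}'"
    return None


def analyze(message):
    """List the red flags from this page that one message body triggers."""
    flags = []
    for m in HOST.finditer(message):
        reason = check_host(m.group(1))
        if reason:
            flags.append(f"lookalike link {m.group(1)}: {reason}")
    if URGENCY.search(message):
        flags.append("urgency or account-suspension language")
    if SECRETS.search(message):
        flags.append("asks for password, OTP or recovery phrase")
    return flags
```

A host that is not on the allowlist and does not resemble a listed brand returns no flag, so an empty result means "no match against these rules", not "safe".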
Visual Intelligence:
BharatSecure's AI has identified this as a used in scams targeting Indian users.
Who Does Crypto Credential Harvesting Phishing Scam Target?
General public across India
Red Flags — How to Identify Crypto Credential Harvesting Phishing Scam
- Links with slight misspellings of official exchange names
- Messages demanding urgent security updates or KYC immediately
- Requests for full passwords, recovery phrases, or OTPs
- Email/SMS from unlisted contact addresses
What To Do If You Encounter Crypto Credential Harvesting Phishing Scam
- Report the incident to the cybercrime helpline by calling 1930 or visiting cybercrime.gov.in.
- Change your passwords immediately for your crypto accounts and your email linked to them.
- Enable two-factor authentication on all your accounts to enhance security.
- Contact your bank’s fraud helpline (SBI at 1800-11-1109 or HDFC at 1800-202-6161) to inform them of the scam.
- Collect evidence of the phishing attempt including screenshots and messages for reporting purposes.
- Educate yourself on the common features of phishing scams to avoid future incidents.
How to Report Crypto Credential Harvesting Phishing Scam in India
- Call 1930 — National Cyber Crime Helpline (24x7)
- File a complaint at cybercrime.gov.in
- Contact your bank immediately if money was lost
- Call RBI helpline: 14440 for banking fraud
Frequently Asked Questions
- What to do if I shared my OTP in a WhatsApp scam?
- If you've shared your OTP, immediately change your password for the affected account and contact your bank’s fraud helpline (SBI at 1800-11-1109 or HDFC at 1800-202-6161) for further assistance. You should also report the incident to the cybercrime helpline at 1930.
- How can I identify a Crypto Credential Harvesting Phishing Scam?
- Look for links with slight misspellings of official exchange names or messages demanding urgent action regarding account verification. Legitimate exchanges won’t ask for sensitive details via messaging apps.
- How do I report this type of scam in India?
- You can report phishing scams by calling the cybercrime helpline at 1930, submitting a report at cybercrime.gov.in, and notifying your bank about any financial fraud.
- What recovery steps are available if I've been scammed?
- If you’ve been scammed, first document everything related to the scam. Change your passwords, contact your bank, and report the scam to the cybercrime helpline at 1930 for guidance on further action.
Verify Any Suspicious Message
Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.