What to do if I shared my OTP in a UPI scam?

Immediately contact your bank's customer service and also report the incident at cybercrime.gov.in for potential recovery.

How can I identify a fake FBI/Interpol call?

Legitimate agencies do not make unsolicited calls asking for money and typically send official correspondence.

How do I report this type of scam in India?

You can report it to cybercrime.gov.in or call the cybercrime helpline at 1930. Also inform your bank.

What recovery steps can I take after this scam?

Contact your bank to freeze accounts if you suspect unauthorized access and follow up with cybercrime authorities.

Fake FBI/Interpol Ransomware Extortion Calls

Verdict: Suspicious | Risk Score: 8/10 | Severity: high

Category: UPI, WhatsApp, Remote Access

How Fake FBI/Interpol Ransomware Extortion Calls Works

Overview: This scam targets Indian smartphone and computer users by impersonating international law enforcement such as the FBI or Interpol. The scammer claims your device is infected with a dangerous ransomware strain (like LockBit or Qilin) and threatens legal trouble or data loss unless you pay a 'decryption fee.' It's dangerous because victims are pressured into making urgent UPI or crypto payments, sometimes losing thousands of rupees in panic, and may inadvertently grant full access to sensitive data. How It Works: 1. You receive a call, WhatsApp message, or email with urgent warnings about FBI-detected ransomware on your device. 2. The scammer may spoof international numbers and use AI voice cloning for authenticity. 3. You are threatened with legal action, account freezing, or exposure of your data if you don't comply. 4. The scammer demands a "decryption fee" (often via UPI), or requests remote access to your device. 5. After payment or access, the scammer vanishes—your device was never infected. India Angle: Scammers commonly exploit international law enforcement names for credibility, knowing most Indians have heard of the FBI or Interpol. They often use WhatsApp, spoofed international numbers, or even local English-speaking agents with Indian accents. UPI is the preferred payment method. This scam has been reported in metros like Bengaluru, Hyderabad, and tech hubs with many professionals and students, who are more likely to panic about security warnings. Real Examples: - "Hello, this is Officer Smith from the FBI's cyber division. Your phone has been flagged for LockBit ransomware activity. Pay ₹12,500 via UPI within 30 minutes or your WhatsApp and banking apps will be locked." - WhatsApp message: "Interpol notice: Device compromised - contact our support at 986****123 now!" Red Flags: - Calls claiming to be from FBI/Interpol for Indian cybercrime issues - Demands for payment through UPI to suspicious receiver names - Threats of legal prosecution or instant account freeze - Requests for remote screen-sharing via apps such as AnyDesk - Urgent deadlines ("Pay within 30 minutes"), especially late at night Protective Measures: - Ignore calls/emails from supposed FBI/Interpol officials about ransomware, especially if payment is demanded - Never grant remote device access to unknown callers - Only trust cyber warnings from Indian government agencies (CERT-In, local police) - Confirm with BharatSecure.app or local cyber police before responding - Use device security software and maintain regular backups If Victimised: - Disconnect from the internet immediately - Report the incident to the National Cybercrime Reporting Portal (cybercrime.gov.in) or call 1930 - Alert your bank/RBI via official channels if you've transferred funds - Seek help from a trusted IT professional Related Scams: - Tech Support Impersonation: Callers pose as Microsoft or Apple support - Fake Police Call Extortion: Claiming your Aadhaar or account is under investigation - Digital Arrest Scams: Threats of immediate jail unless you pay online

How This Scam Works — Detailed Explanation

Scammers often target Indian smartphone and computer users with alarming phone calls, impersonating well-known international law enforcement agencies like the FBI or Interpol. These criminals find their victims through data leaks, social media profiles, or even by cold-calling random numbers. Once they have your number, they place a call claiming that your device has been infected with a dangerous ransomware strain, such as LockBit or Qilin, which they assert puts your personal data at risk. This elaborate setup aims to instill fear and urgency, prompting immediate compliance from the victim.

To manipulate emotions effectively, scammers utilize a range of psychological tricks. They often start by stating that they've conducted a legal investigation about you and express grave concern about your connection to unlawful activities. By presenting themselves as authoritative figures, they create a sense of panic that urges you to act quickly. Often, they create an artificial timer, saying you must make a decision within a limited timeframe, leveraging this urgency to pressure you into compliance. Additionally, with the scamming community becoming increasingly sophisticated, many scammers may mimic Indian accents or use platforms like WhatsApp to add legitimacy to their threats, even while requesting payments through UPI to obscure bank accounts.

Once a victim engages with these scammers, the steps typically unfold as follows: The scammer will instruct the victim to download remote access software to supposedly check for the ransomware. This method allows the attacker to gain full access to your device, leading to further manipulation. They may then demand a 'decryption fee' that must be paid via UPI or cryptocurrency to regain access to your locked data. For instance, there have been reports of victims losing amounts ranging from ₹10,000 to ₹5 lakhs in a single call when pressured to act hastily, citing dire consequences if they fail to comply.

The impact of these scams on Indian users cannot be overstated. According to the Ministry of Home Affairs (MHA), losses from such ransomware scams have resulted in losses exceeding ₹1,000 crore in the past year alone. The Reserve Bank of India (RBI) has issued advisories warning users to remain vigilant against unsolicited communication purporting to be from authorities. CERT-In has also highlighted numerous incidents where victims have fallen prey to similar schemes. The alarming rise of these scams not only affects individual victims but also places a heavy burden on the economy and cybersecurity infrastructure, urging law enforcement agencies to take action.

Identifying these fake calls can be crucial in preventing financial loss. Legitimate communications usually provide a case number or specific official contact point for further verification. Be cautious of unsolicited calls, especially those claiming you must act urgently over the phone. If asked for payments to random names or via unconventional payment methods like crypto, it raises a red flag. Genuine law enforcement agencies would never request payment through UPI or other informal channels without prior written communication or official documentation. Always verify by directly contacting the alleged agency through verified numbers rather than responding to the caller.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Fake FBI/Interpol Ransomware Extortion Calls Target?

General public across India

Red Flags — How to Identify Fake FBI/Interpol Ransomware Extortion Calls

Unsolicited calls claiming FBI or Interpol involvement
Requests for UPI payment to random names
Demands for urgent action under threat of data loss
Requests for remote screen-sharing/access
International-sounding voice, still using Indian payment methods

What To Do If You Encounter Fake FBI/Interpol Ransomware Extortion Calls

Report the incident immediately by calling the cybercrime helpline at 1930 or visiting cybercrime.gov.in.
Do not share any personal information, UPI ID, or OTP with the caller.
Hang up and contact your bank's helpline (SBI 1800-11-1109 or HDFC 1800-202-6161) to report the call.
Change your passwords for online banking and financial apps as a precaution.
Monitor your bank statements for any unauthorized transactions.
Educate friends and family about this scam to prevent them from becoming victims.

How to Report Fake FBI/Interpol Ransomware Extortion Calls in India

Call 1930 — National Cyber Crime Helpline (24x7)
File a complaint at cybercrime.gov.in
Contact your bank immediately if money was lost
Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my OTP in a UPI scam?: Immediately contact your bank's customer service and also report the incident at cybercrime.gov.in for potential recovery.
How can I identify a fake FBI/Interpol call?: Legitimate agencies do not make unsolicited calls asking for money and typically send official correspondence.
How do I report this type of scam in India?: You can report it to cybercrime.gov.in or call the cybercrime helpline at 1930. Also inform your bank.
What recovery steps can I take after this scam?: Contact your bank to freeze accounts if you suspect unauthorized access and follow up with cybercrime authorities.

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.