Fake NCRF Cybersecurity Grant Scam

Scam Intelligence: Fake NCRF Cybersecurity Grant Scam

Proprietary signals from BharatSecure's scam-tracking database.

How Fake NCRF Cybersecurity Grant Scam Works

Overview: Fraudsters are exploiting the growth of India’s cybersecurity response (notably post-AIIMS cyberattack) by sending out fake grants, audits, and inspection notices. Posing as representatives of the National Cybersecurity Response Framework (NCRF) or 'Cyber Defense Units', they dangle attractive offers such as 'free audits' or 'exclusive grants' for protection, but their real aim is to infect your device or trick you into paying fees. Small business owners, hospital admins, and professionals are at special risk. How It Works: Victims get SMS, WhatsApp, or email communications claiming they have been selected for a cybersecurity grant or a free cyber risk audit, often referencing recent attacks like the AIIMS hack. The message uses official-looking letterheads, NCRF logos or cites statements from real authorities. You’re asked to fill a form, download a 'cyber audit tool' (actually malware), or pay a small 'processing fee' (₹1,000–10,000) via UPI/GPay links like [UPI_REDACTED]. Attachments may be disguised as '.pdf.exe' files that install spyware or ransomware when opened. India Angle: The scam leverages local awareness and online chatter about government initiatives and central agencies. Messages use both English and Hindi, and quote real government programs for authenticity. Fraudsters typically use fake government IDs or create WhatsApp groups for 'cyber grant beneficiaries.' Primary targets include hospital administrators, education staff, and business owners in urban and semi-urban centres. Real Examples: Example 1: Email: 'Congratulations! Your hospital shortlisted for NCRF grant after AIIMS Delhi incident. Download cyber audit tool from attached NCRF-Framework.pdf.exe. Pay ₹3,500 via UPI [UPI_REDACTED].' Example 2: WhatsApp: 'Your business is eligible for a Rs 5,000 cybersecurity subsidy under NCRF. Submit PAN and process fee now.' Red Flags: - Calls/texts offering unsolicited government grants referencing the AIIMS attack. - Attachments ending with .exe while purporting to be PDFs. - UPI IDs or bank accounts not matching official government accounts. - Urgent timelines ('claim in 48 hours') and generic, bulk messages. Protective Measures: Always verify grant or audit offers through official government portals. Never download attachments from sources you did not contact first. Check the legitimacy of UPI IDs; real government grants never demand upfront processing fees. When in doubt, call the actual NCRF or visit ncsi.gov.in directly. If Victimised: Stop further communication. Run an antivirus scan and remove any downloaded files immediately. Change your bank passwords. Report the scam to 1930 and cybercrime.gov.in, and inform your bank if payment was made. Related Scams: - Fake MSME loan schemes. - Government job offer emails. - Bogus education or digital literacy grant frauds.

How This Scam Works — Detailed Explanation

Fraudsters are increasingly targeting small business owners, hospital administrators, and professionals in India by masquerading as representatives from the National Cybersecurity Response Framework (NCRF). They leverage platforms like WhatsApp and email to reach out to potential victims, primarily focusing on those who recently experienced cybersecurity incidents or expressed concerns about data safety after high-profile breaches, such as the AIIMS cyberattack. By exploiting recent news cycles, they generate urgency and fear, compelling individuals to consider their unsolicited offers seriously.

The tactics employed by these scammers often involve psychological manipulation. They present themselves as trustworthy officials from the NCRF or 'Cyber Defense Units' and provide attractive pitches for 'free audits' or 'exclusive grants' to enhance cybersecurity measures. Their communication typically contains references to recent cyber incidents, creating a false sense of necessity that should not be ignored. By fabricating a sense of authority and urgency, they aim to instill fear of falling victim to future cyberattacks, thus leading their potential victims to give in quickly without verifying the legitimacy of their claims.

Once a victim expresses interest, the scam unfolds step-by-step. Typically, the victim is instructed to provide sensitive information or download attachments that contain malicious software disguised as legitimate files (e.g., .exe or .zip files renamed to look like .pdfs). They might also request processing fees to facilitate grants or audits through personal UPI IDs. For instance, if a hospital administrator receives an email claiming to be from NCRF asking for a ₹5,000 fee for processing an audit, they may end up transferring the money through UPI without realizing that they have just financed a scam. Victims may additionally find their devices compromised, leading to further data theft or unauthorized transactions.

The impact of this scam on individuals and businesses can be devastating. The Ministry of Home Affairs (MHA) and the Reserve Bank of India (RBI) have highlighted that cyber fraud losses are climbing year over year, with reports indicating that fraudsters have raked in over ₹2,000 crore in scams related to UPI transactions alone in 2023. The National Payments Corporation of India (NPCI) and CERT-In also issue advisories regarding escalating incidents of cyber fraud, which further highlights the magnitude of this issue in India. Victims not only suffer financial losses but often face a long-standing battle to recover their funds and secure their digital identities, which can take months or even years.

To spot this scam compared to legitimate communications, victims should be vigilant about unsolicited messages. Authentic government communications will typically come from verified email addresses rather than personal or unknown numbers. They will not ask for payment fees via UPI or any other non-official payment methods. Genuine notifications about grants or audits will always be officially documented and recognized by institutional channels, unlike the low-quality and poorly written emails that many victims report receiving. A critical red flag is any communication that pressures individuals to act quickly without providing proper verification; legitimate grants and offers come with adequate background checks and documentation.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Fake NCRF Cybersecurity Grant Scam Target?

General public across India

Red Flags — How to Identify Fake NCRF Cybersecurity Grant Scam

• Unsolicited 'cybersecurity grant' or 'audit' offers referencing AIIMS or NCRF
• Attachments with suspicious file types (.exe, .zip) disguised as .pdf
• Requests for processing fees via personal UPI IDs
• Government messages from non-official emails or WhatsApp numbers

What To Do If You Encounter Fake NCRF Cybersecurity Grant Scam

1. Report the incident immediately by calling the National Cyber Crime Helpline at 1930 or visiting cybercrime.gov.in.
2. Do not respond to unsolicited messages claiming to be from NCRF or similar entities; ignore and delete them.
3. If you've already shared personal information, contact your bank's helpline (e.g., SBI 1800-11-1109 or HDFC 1800-202-6161) to safeguard your accounts.
4. Educate your staff or fellow professionals about this scam to prevent others from falling victim.
5. Monitor your bank statements and digital accounts for any unusual transactions and report them to your bank.
6. Consider changing passwords and enabling two-factor authentication on sensitive accounts to enhance security.

How to Report Fake NCRF Cybersecurity Grant Scam in India

• Call 1930 — National Cyber Crime Helpline (24x7)
• File a complaint at cybercrime.gov.in
• Contact your bank immediately if money was lost
• Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my OTP in a UPI scam?

Immediately contact your bank's helpline (SBI: 1800-11-1109, HDFC: 1800-202-6161) and inform them about the incident. They can assist in blocking any unauthorized transactions.

How do I identify the Fake NCRF Cybersecurity Grant Scam?

Be wary of unsolicited emails or WhatsApp messages that promise government grants or audits but originate from non-official communications. Genuine government offers will not ask for payments via personal UPI IDs.

How do I report this type of scam in India?

You can report incidents to the National Cyber Crime Helpline by calling 1930 or visiting cybercrime.gov.in. It's essential to document all communications for reference.

How can I recover money or protect my accounts after this scam?

Contact your bank immediately to secure your account against unauthorized transactions. Regularly monitor statements and consider freezing your account if necessary.

Related Scams in India

• AI Deepfake CEO Fraud (BEC Scam)
• AI Deepfake Executive Authorization Scam
• AI Deepfake Voice Payroll Fraud
• AI Voice Clone Urgent Money Transfer Scam (General)
• AI Voice Cloning Emergency Scam (Familiar Person)

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.