What to do if I shared my OTP in a phishing scam?

Immediately contact your bank's customer support or helpline to report the incident. For example, SBI can be reached at 1800-11-1109, and HDFC at 1800-202-6161.

How can I identify this specific phishing scam?

Look for generic greetings, poor language, suspicious links, or requests for personal information. Authentic communications will typically use your full name and follow proper security protocols.

How to report this type of scam in India?

You can report phishing scams by calling the cybercrime helpline at 1930 or visiting cybercrime.gov.in. Also, ensure to alert your bank about potential fraud.

What steps should I take to recover my account or protect it after being targeted?

Change your passwords immediately and follow up with security questions if necessary. Enable two-factor authentication and reach out to Meta customer service for further assistance in recovering any compromised accounts.

Meta Platforms, Inc. (Facebook/Instagram) Phishing Scam

INDIA — By BharatSecure Threat Intelligence Team · Updated May 18, 2026

Verdict: Suspicious | Risk Score: 7/10 | Severity: high

Category: phishing

How Meta Platforms, Inc. (Facebook/Instagram) Phishing Scam Works

Phishing attempts are targeting users of Meta platforms, including Facebook and Instagram. These scams often involve fake security alerts, account verification requests, or enticing offers designed to steal login credentials and personal data.

How This Scam Works — Detailed Explanation

Scammers targeting users of Meta Platforms, Inc. (Facebook/Instagram) are becoming increasingly sophisticated in their methods to find and approach victims. They typically utilize various channels, including phishing emails, fake SMS messages, and even direct messages on WhatsApp and Instagram. These communications often appear legitimate due to their use of familiar branding and language that mimic Meta’s own notifications. For instance, they might pose as Meta's security team, claiming there has been suspicious activity related to your account, prompting the victim to click on a link that redirects them to a counterfeit login page. This page is designed to look identical to the real Facebook or Instagram login interface, making it easy for unsuspecting users to be manipulated.

The specific tactics used by these scammers often involve psychological tricks that exploit the urgency and fear of account compromise. Fake notifications may threaten that an account will be locked or compromised if immediate action isn’t taken. These messages create a sense of urgency that compels victims to act quickly without properly assessing the legitimacy of the request. Many scams also entice with offers like winning a giveaway for free gifts or special discounts, leading users to disclose sensitive personal information, including login credentials, phone numbers, or even UPI details for cash rewards. Individual scammers can leverage social engineering, posing as trustworthy acquaintances or Meta employees, to extract essential information from unaware users.

Once victims interact with these phishing attempts, the process unfolds in several alarming steps. After providing their login details on the fake page, the scammers gain full access to the victim's account. They can then change the profile information and security settings, effectively locking the victims out and establishing control over the account. For example, a user might find that their Facebook account has been used to spread spam or solicit money from friends. As accounts get compromised, the perpetrators can even link it to UPI transactions, leading to unauthorized payments. Many victims report losses in the range of ₹1 lakh to ₹2 crores collectively, showing how prevalent and impactful these schemes can be. In some reported cases, users received OTP requests on their registered mobile numbers, falsely believing they were legitimate, furthering the cycle of exploitation.

The real-world impact of the Meta Platforms phishing scams in India has been devastating. The Ministry of Home Affairs (MHA) reports that in 2023 alone, over ₹350 crores were lost due to such scams, with many victims being unaware of the repercussions until it was too late. The Reserve Bank of India (RBI) and the Computer Emergency Response Team - India (CERT-In) continue to issue guidelines to protect citizens against these scams, advising them to remain alert. The rising trend of cybercrime, particularly in the context of social networking sites, showcases a critical need for public awareness and preparedness against these threats. Phishing attacks alone have increased by 37% in India, indicating the urgent need for vigilance.

To differentiate between a legitimate communication from Meta and a phishing attempt, users should pay close attention to specific details. Legitimate emails from Meta will include your actual name—if you're addressed generically as 'Dear User', that's a red flag. Check for spelling errors or atypical sender addresses, which are often signs of fraudulent attempts. Links should not be clicked directly; rather, users should manually type in the URL in the browser to ensure they reach the authentic Meta site. Furthermore, legitimate communications will not request sensitive information through unsecured channels like email or messaging apps. If in doubt, always refer to Meta's official support page or use the help options provided directly on their platforms.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Meta Platforms, Inc. (Facebook/Instagram) Phishing Scam Target?

General public across India

Red Flags — How to Identify Meta Platforms, Inc. (Facebook/Instagram) Phishing Scam

Meta Platforms
Facebook
Instagram
phishing
social networking
account compromise

What To Do If You Encounter Meta Platforms, Inc. (Facebook/Instagram) Phishing Scam

Report the incident immediately by calling the cybercrime helpline at 1930 or visiting cybercrime.gov.in.
Change your login credentials immediately if you suspect any unauthorized access.
Enable two-factor authentication on your Meta accounts to add an extra layer of security.
Monitor your linked bank accounts and UPI transactions for any unauthorized activity.
Inform your friends and family to beware of suspicious communications from your compromised account.
Consider reporting the crime to the respective social media platform to assist in recovering your account.

How to Report Meta Platforms, Inc. (Facebook/Instagram) Phishing Scam in India

Call 1930 — National Cyber Crime Helpline (24x7)
File a complaint at cybercrime.gov.in
Contact your bank immediately if money was lost
Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my OTP in a phishing scam?: Immediately contact your bank's customer support or helpline to report the incident. For example, SBI can be reached at 1800-11-1109, and HDFC at 1800-202-6161.
How can I identify this specific phishing scam?: Look for generic greetings, poor language, suspicious links, or requests for personal information. Authentic communications will typically use your full name and follow proper security protocols.
How to report this type of scam in India?: You can report phishing scams by calling the cybercrime helpline at 1930 or visiting cybercrime.gov.in. Also, ensure to alert your bank about potential fraud.
What steps should I take to recover my account or protect it after being targeted?: Change your passwords immediately and follow up with security questions if necessary. Enable two-factor authentication and reach out to Meta customer service for further assistance in recovering any compromised accounts.

Related Scams in India

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.