What to do if I shared my OTP in a UPI fraud scam?

Immediately change your UPI PIN and bank password. Report the incident to your bank's customer service helpline and inform them of the scam.

How can I identify this specific UPI fraud scam?

Look for unsolicited messages claiming there is an issue with your account or asking for immediate action. Genuine banks never request sensitive info via SMS.

How do I report this type of scam in India?

You can report the scam by calling the cybercrime helpline at 1930 or visiting cybercrime.gov.in to file a complaint.

What are the recovery steps if I've lost money in this scam?

Contact your bank immediately to report the fraud, and keep documentation ready. They may guide you through the recovery process, but acting swiftly is crucial.

RBI suggests cooling-off period for UPI, bank transfers

INDIA — By BharatSecure Threat Intelligence Team · Updated Jun 12, 2026

Suspicious Risk: 5/10 Severity: Medium BharatSecure Threat Intelligence

Category: upi_fraud

Verdict Summary

RBI suggests cooling-off period for UPI, bank transfers shows strong scam indicators common in fraud targeting Indian users. Do not share OTPs, passwords, or payments — verify the source independently.

Risk score: 5/10 · Severity: Medium · Verdict: Suspicious

Scam Intelligence: RBI suggests cooling-off period for UPI, bank transfers

Proprietary signals from BharatSecure's scam-tracking database.

Last reported

Jun 12, 2026

How RBI suggests cooling-off period for UPI, bank transfers Works

To curb the surge in digital payment fraud, the RBI has proposed a cooling-off period for UPI and bank transfers. This measure aims to provide users with a window to review and potentially cancel suspicious transactions, thereby reducing financial losses.

How This Scam Works — Detailed Explanation

Scammers often target individuals in India using digital payment platforms like UPI and messages on WhatsApp. They may pose as bank officials or customer support representatives, reaching out directly via calls or texts. Many times, these scammers utilize stolen databases that provide them with personal information about potential victims, such as their bank details or UPI identifiers. For instance, a scammer could send a fake notification claiming that there is an issue with a transaction, enticing the victim to engage in further conversation. This initial contact usually occurs during high traffic times for digital transactions, when people are more willing to respond quickly to any financial messages due to urgency.

Once they have established contact, these scammers employ a variety of psychological tactics to manipulate their victims. They often create a false sense of urgency, pushing individuals to act quickly without thinking carefully about the implications. Common narratives include claims of potential account freezing due to suspicious activity or notifying them they have won a lottery that requires a small fee to process. They exploit emotions like fear or greed to convince victims to share critical information such as One Time Passwords (OTPs) or to authorize transactions. This method is particularly effective with older individuals who may be less familiar with digital payment systems and thus more anxious about the security of their accounts.

When victims find themselves caught in such scams, the process is painfully systematic. After being persuaded to provide sensitive information or make quick transactions, they realize the fraud only when they see unauthorized transactions reflecting in their bank statements. For example, a victim might receive a text that appears to be from SBI (State Bank of India), prompting them to check a transaction for verification. Acting on this, they might inadvertently click on a phishing link or share an OTP, which allows scammers to drain their account almost immediately. Indian cases have reported losses amounting to thousands, where victims were left helpless, frustration mounting as they scramble to regain control over their funds.

The scale of financial losses in India due to such digital fraud is staggering. The Ministry of Home Affairs noted in a report that cyber fraud drained approximately ₹24,000 crore (about $3 billion USD) from unsuspecting victims last year alone. With increasing digitalization and the rise of UPI transactions, which now account for over ₹9 lakh crore in monthly transactions, scams are growing in frequency. The Reserve Bank of India (RBI) has had to address this issue, frequently releasing advisories through CERT-In, urging users to be vigilant and protecting their transactions through enhanced security measures.

Understanding and recognizing the differences between legitimate communications and scams is crucial. Official communications from banks typically include secure links, personal touchpoints, and will never request sensitive information like PINs or OTPs over SMS or calls. Users should remain skeptical of unsolicited calls or texts, and when in doubt, should always contact their bank using official helplines like SBI’s 1800-11-1109 or HDFC’s 1800-202-6161 rather than engaging directly with the message sender. Thus, a cooling-off period as suggested by RBI can help users reflect on their transactions, effectively reducing impulsive decisions that contribute to fraud losses.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does RBI suggests cooling-off period for UPI, bank transfers Target?

General public across India

Red Flags — How to Identify RBI suggests cooling-off period for UPI, bank transfers

RBI
cooling-off period
UPI
bank transfers
digital payment fraud

What To Do If You Encounter RBI suggests cooling-off period for UPI, bank transfers

Report any suspicious transaction by calling the cybercrime helpline 1930 or visiting cybercrime.gov.in.
Immediately contact your bank's customer service using numbers like SBI 1800-11-1109 or HDFC 1800-202-6161.
Use the UPI app's built-in features to dispute transactions if you suspect fraud.
Change your UPI PIN and bank account password to secure your financial details.
Monitor your bank statements regularly for any unauthorized transactions.
Educate yourself and loved ones about the tactics used in scams to identify them quicker.

How to Report RBI suggests cooling-off period for UPI, bank transfers in India

Call 1930 — National Cyber Crime Helpline (24x7)
File a complaint at cybercrime.gov.in
Contact your bank immediately if money was lost
Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my OTP in a UPI fraud scam?: Immediately change your UPI PIN and bank password. Report the incident to your bank's customer service helpline and inform them of the scam.
How can I identify this specific UPI fraud scam?: Look for unsolicited messages claiming there is an issue with your account or asking for immediate action. Genuine banks never request sensitive info via SMS.
How do I report this type of scam in India?: You can report the scam by calling the cybercrime helpline at 1930 or visiting cybercrime.gov.in to file a complaint.
What are the recovery steps if I've lost money in this scam?: Contact your bank immediately to report the fraud, and keep documentation ready. They may guide you through the recovery process, but acting swiftly is crucial.

🛡️

How This Scam Works — BharatSecure AI

Spreading fast

A plain-language breakdown based on 87 real reported scams of this type.

How they reach you	Unsolicited contact via WhatsApp messages/calls, SMS, and phone calls (vishing) is the dominant first-touch channel, frequently delivering malicious payment links, fake QR codes, or disguised UPI coll
How they gain your trust	Scammers establish credibility through impersonation of trusted authorities — bank officials, payment-app customer support, government schemes (RBI, PM-Kisan, income tax), or known relatives/friends —
How they take your money	UPI is the universal rail across all 87 records — exploited via collect requests where entering a PIN sends rather than receives money, malicious paym
Who they target	Targeting is broad-spectrum but with documented concentration on the elderly (digital unfamiliarity, dependency on caregivers), rural users and farmers (government-scheme pretexts), students and young

How they manipulate you

Urgency/scarcity bias — account deactivation, KYC expiry, or suspicious-transaction panic forcing immediate action
Authority bias — deference to bank, RBI, government, or army-officer personas
Trust-by-familiarity — cloned voices, family impersonation, and recognised brand logos exploit relational trust
Greed/reward anticipation — cashback, prizes, refunds, trading profits, and 'receive money' framing that inverts the payment direction

Warning signs

A UPI PIN is requested or required to 'receive' money — entering a PIN always sends money, never receives it
Unsolicited calls/messages claiming urgent account, KYC, or transaction issues from 'bank officials', 'customer support', or government bodies
Requests to install remote access or screen-sharing apps (e.g., AnyDesk/TeamViewer-type tools) to 'fix' a problem or process a refund
UPI ID or display name mismatches — slightly altered VPAs, extra characters, or misleading names like 'Verified Merchant' or 'Bank Refund Dept'
Pressure to scan unknown QR codes or click payment links sent via WhatsApp/SMS, often paired with prize, cashback, refund, or grant offers

Related Scams in India

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.