UPI Spoofing Phishing Attack
Verdict: Suspicious | Risk Score: 9/10 | Severity: critical
How UPI Spoofing Phishing Attack Works
Overview: UPI spoofing scams are increasingly common in India, with attackers sending fake payment requests or UPI links to steal money from people's bank accounts. Scammers often pose as buyers, sellers, or customer support agents on platforms like OLX, Facebook Marketplace, or even while providing support for popular apps like Paytm and PhonePe. How It Works: 1. The victim receives a collect/request money link by SMS, WhatsApp, or in-app message. 2. The scammer claims to send money (e.g., for an item you’re selling) but actually sends a request for you to "approve" and transfer money out. 3. Sometimes, scammers share malicious QR codes to scan for payment receipt, which actually debits your account. 4. The transfer is instant, and funds are difficult to recover once gone. India Angle: This scam is homegrown and targets Indians across urban and semi-urban areas. It leverages UPI—India’s most popular payment platform—usually through Hindi and English, with regional language variations in Kerala and Maharashtra. Sellers on Facebook Marketplace, OLX, and WhatsApp groups are especially at risk. Real Examples: - 'Hello, I will pay full price for your fridge. Please approve this Google Pay link so I can transfer now.' - 'Scan this QR code to receive your rent deposit.' - 'Dear customer, update your UPI PIN using this secure link to avoid block.' Red Flags: 1. Payment requests or collect requests for supposed receipt of funds. 2. Unsolicited QR codes from unverified strangers. 3. Messages pressuring quick action to complete transaction. 4. Links to unknown third-party websites for UPI verification. Protective Measures: - Never approve collect requests or click UPI links without understanding the transaction. - Accept payments only after verifying the actual credit in your bank account. - Do not scan QR codes from unknown sources. - Use official banking apps, avoid links sent by strangers. If Victimised: - Report to your bank and request immediate freeze of account. - Call 1930 or complain on cybercrime.gov.in with full details. Related Scams: - Fake customer care UPI fraud - QR code rental or job scams - KYC/OTP phishing attacks
How This Scam Works — Detailed Explanation
UPI spoofing scams have gained traction across India, particularly through platforms where everyday transactions occur, such as OLX and Facebook Marketplace. Scammers pose as buyers or sellers, often exploiting the common use of Unified Payments Interface (UPI) for quick money transfers. They target people in online ad listings or virtual marketplaces, building trust by employing relatable setups such as requesting a small deposit for a product or service. With the rapid adoption of mobile payment systems, these scammers are adept at leveraging social media and instant messaging apps like WhatsApp to reach potential victims, creating a deceptive façade of legitimacy.
The tactics used in UPI spoofing scams are both subtle and sophisticated, relying on psychological manipulation. Scammers may initiate contact with customers under the pretense of legitimate transactions, creating urgency that pressures prospective victims into making hasty decisions. They might send unsolicited payment links or instruct victims to scan QR codes for money receipt while assuring them of safety and reliability. In many cases, these fraudsters even disguise themselves as customer support agents for popular applications like Paytm or PhonePe, thereby further enhancing their credibility. The urgency crafted through time-sensitive offers or special deals is a prominent tactic that forces people to act quickly without verifying authenticity.
Upon falling prey to such scams, victims typically experience a series of distressing steps. Initially, they might be lured by a low-price offer on a product only to be targeted with an incoming payment link. After clicking the link, victims are either prompted to share their UPI login credentials or are asked to approve a pending transaction. For instance, a recent report from Maharashtra highlighted a case where an individual lost ₹25,000 to a spoofing attack after engaging with a fraudulent buyer’s message on a listing site. Victims often realize something is wrong only when their bank accounts reflect unexpected withdrawals or unauthorized transactions, leading to a frantic scramble to recover lost funds.
The impact of UPI spoofing in India has been severe, with the National Crime Records Bureau (NCRB) estimating a staggering ₹1,800 crores lost to cyber fraud victims in the last year alone. As per advisories from CERT-In, a dedicated body within India’s IT ministry, there has been a year-on-year growth in complaints regarding digital fraud, including UPI scams. The increase in such fraudulent activities prompted the Reserve Bank of India (RBI) to issue clear guidelines urging citizens to close any suspicious financial links with their banks. Reports show that these scams might be more widespread than initially thought, affecting thousands of wallets and leading to overall financial instability for many unsuspecting users.
To effectively identify a UPI spoofing phishing attack, one should be familiar with the signs of legitimate communications. For instance, if you receive an unsolicited payment request, or if the request seems hurried or offers high discounts, it’s a red flag. Authentic institutions rarely ask for sensitive information like UPI PINs or login credentials via links. Additionally, always verify any request for money, especially if it comes from unfamiliar numbers or platforms. Understanding normal transactional patterns can drastically reduce your risk of being scammed, ensuring that you stay informed and vigilant when it comes to online transactions.
Visual Intelligence:
BharatSecure's AI has identified this as a used in scams targeting Indian users.
Who Does UPI Spoofing Phishing Attack Target?
General public across India
Red Flags — How to Identify UPI Spoofing Phishing Attack
- Unsolicited payment or collect requests
- Pressure to scan QR codes for 'receiving money'
- Links asking for UPI login or PIN reset
- Fake customer support numbers
- Purchase deals that feel rushed
What To Do If You Encounter UPI Spoofing Phishing Attack
- Report fraud at the cybercrime helpline by dialling 1930 or visit cybercrime.gov.in.
- Immediately inform your bank's customer service about the unauthorized transactions.
- Block or unlink your UPI ID from the app you suspect was compromised.
- Change your UPI PIN and reset your banking passwords as a precaution.
- Educate family and friends about UPI scams to raise awareness and minimize risks.
- Monitor your bank statements regularly for any suspicious activities.
How to Report UPI Spoofing Phishing Attack in India
- Call 1930 — National Cyber Crime Helpline (24x7)
- File a complaint at cybercrime.gov.in
- Contact your bank immediately if money was lost
- Call RBI helpline: 14440 for banking fraud
Frequently Asked Questions
- What to do if I shared my OTP in a UPI scam?
- Immediately contact your bank's customer service line, such as SBI at 1800-11-1109 or HDFC at 1800-202-6161, to secure your account and change your passwords.
- How can I identify if a payment request is a scam?
- Look for unsolicited requests, pressure tactics for urgency, or ask for sensitive details like PINs or passwords — these are often signs of a scam.
- How to report this type of scam in India?
- You can report scams by calling the helpline 1930 or by visiting cybercrime.gov.in. Make sure to gather all evidence before reporting.
- What steps can I take to recover money after being scammed?
- Contact your bank immediately to report the fraud, and file a complaint with the local police and on cybercrime.gov.in. Recovery can take time but prompt action is crucial.
Related Scams in India
Verify Any Suspicious Message
Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.