1930 cyber fraud helpline: the exact 7-minute script

If you are short on time, jump to the minute-by-minute breakdown and read the script aloud while you dial.

1930 is the National Cyber Crime Helpline, run by the Indian Cyber Crime Coordination Centre (I4C) under the Ministry of Home Affairs. It is the only number in India that can ask a beneficiary bank to put a temporary lien on a fraudster's account within minutes of your call. It feeds your complaint directly into the NCRP portal at https://cybercrime.gov.in/. The helpline is staffed 24×7 in Hindi, English and the major regional languages. Calls from any Indian mobile network are free. There is no charge to register a complaint.

The number replaced the older 155260 helpline in 2022. If anyone tells you to call 155260, they are working from outdated information, 1930 is the live channel.

You are reading this because something has gone wrong with money in the last few hours. Whatever the trigger, the next 60 minutes matter more than the next 60 days. A lien placed on the beneficiary account inside the golden hour is the difference between getting your money back and chasing the bank for two years.

Most first-time callers freeze on the phone. They forget the bank name. They cannot find the UTR. They tell a long story instead of the four facts the operator needs. This script fixes that. Read it once now. Keep it open while you dial.

There are three official channels. Each has a job. Use them in the right order.

1. 1930 helpline, the immediate freeze. Call within the first 60 minutes of noticing the fraud. The operator can flag the beneficiary account and trigger a stop-pay request through the bank.
2. NCRP portal at https://cybercrime.gov.in/, the written record. File this within 24 hours of the call. You will get a longer NCRP acknowledgement number and a PDF receipt the bank cannot dispute.
3. Local cyber cell or police station, the FIR. Visit within 72 hours, especially if the loss is above ₹50,000 or if there is identity theft involved. Carry the NCRP printout.

If you are reading this before the fraud has happened, you are forwarding it to a worried parent, say, bookmark the bank freeze process after cyber fraud page. It explains the lien mechanics in detail.

Before you press the green button on 1930, scroll through your SMS inbox and pull these out. Write them on a notepad. The operator will ask for each one and you will sound calmer if you can read them off.

1. Your full name as it appears on your bank account
2. Your registered mobile number (the 10-digit number the bank has on file)
3. Your bank name and account number (the last 4 digits are enough)
4. Date and time of the fraudulent transaction (read it off the debit SMS)
5. Exact amount in ₹ (no rounding)
6. UTR or transaction reference number (12-character string in the debit SMS; for UPI it begins with a 12-digit numeric)
7. Beneficiary VPA, account number or merchant name (if visible in the SMS)
8. A two-sentence description of what happened (write it down; do not improvise)
9. Your Aadhaar number and PAN (the operator may ask for ID verification midway)
10. A second phone you can be reached on (in case the fraudster has SIM-swapped your primary)

If you are missing the UTR, open the bank app and screenshot the transaction page. The UTR is also called RRN on some apps. On Google Pay it sits under “UPI transaction ID”. On PhonePe it is the long string under the receipt.

This is the script. Read it as written. Do not add backstory. The operator hears 400 calls a day and needs facts in a specific order.

When the operator says “1930, namaste”, reply:

1. “Sir/Ma'am, I am a victim of online financial fraud.”
2. “My name is [full name].”
3. “My mobile is [10-digit number].”
4. “Please register my complaint.”

That is it. Four lines. Do not start with “I got a call from a man who said he was from the bank…” The operator does not need the story yet. They need to open your case in the system first.

The operator will ask: “When did the fraud happen?”

Reply with the bank-name + time + amount + UTR in one breath:

1. “The fraud happened at 11:47 PM today from my HDFC Bank account.”
2. “The amount is ₹47,300.”
3. “The UTR is 524587920XXX.”
4. “The beneficiary VPA is xxxxx@paytm.”

If the fraud happened on multiple transactions, give the total and say “across three transactions”. They will ask for each UTR after.

The operator will ask: “Please describe what happened.”

Do not narrate a 5-minute story. Two sentences only:

1. “I received a call from a man claiming to be from [bank/agency]. He asked me to install an app / share an OTP / scan a QR / approve a transaction, and the amount was debited immediately.”

If it was a phishing link, say “I clicked a link in an SMS and entered my UPI PIN on a fake page.” If it was a delivery scam, say “A man claiming to be a courier asked me to confirm delivery with an OTP.” Keep it dry and factual.

The operator will read back the basics and ask for confirmation. Have your Aadhaar last 4 digits, PAN and email ready. They may also ask for the IFSC of your bank branch. The IFSC is on every cheque leaf and inside the app under “Account details”.

Many first-time callers forget this step. The operator will not always offer it. You ask. Use these words:

1. “Please raise a lien on the beneficiary account and notify the beneficiary bank.”
2. “Please also register this complaint on the NCRP portal under my registered mobile.”

The operator will confirm “Yes, this will be raised.” If they say only “We have noted your complaint” without mentioning the lien, ask again: “Sir/Ma'am, will the beneficiary account be frozen on this call?” Push politely.

Before you hang up, ask:

1. “Please give me my complaint reference number.”
2. “Please confirm when I will receive the NCRP acknowledgement SMS.”

Write the number on the same notepad. Read it back to confirm. The format is usually 14 digits beginning with the date, for a call placed today, it will start with 20260515. The acknowledgement SMS arrives within 15 minutes from sender ID CYBCRM or MHA-CYB.

End the call by saying “Thank you. I will file the detailed complaint on the portal within 24 hours.” Then hang up. Do not call back to add more details on the same number, that creates a duplicate case. Use the NCRP portal for additions.

The minutes after the call are the ones where the system actually moves money. Knowing the choreography helps you push the right people at the right time.

1. You receive an SMS from CYBCRM confirming the complaint number.
2. The 1930 control room sends a lien request to the beneficiary bank via the CFCFRMS back-end I4C runs.
3. The beneficiary bank's fraud cell receives the alert.

1. The beneficiary bank places a temporary lien (“intermediate hold”) on the recipient account if funds are still parked there. It lasts up to 7 working days.
2. If the money has already moved to a second mule, the lien follows the trail, but only if the first lien was placed before the transfer cleared. Minutes matter.

1. File a detailed complaint on https://cybercrime.gov.in/. Use the same registered mobile. Attach SMS screenshots, bank statement, and a one-page typed narrative.
2. You will get an NCRP acknowledgement PDF. Save 3 copies, for the bank, the police, and your records.
3. Visit your own bank branch with the NCRP printout. File a written dispute citing the RBI customer protection circular (see next section). Get a stamped acknowledgement.

1. If the loss is above ₹50,000, visit your local cyber cell with the NCRP printout. They will create a CCTNS entry and, if warranted, an FIR.
2. The bank's fraud cell will call you for additional verification. Answer that call. Missing it can delay the refund by weeks.

1. The beneficiary bank's lien expires after 7 working days unless a court order or a police direction under BNSS §106 extends it. Push your cyber cell to escalate if you do not see movement by day 5.
2. Partial credit may arrive within 30 to 90 days. Full recovery depends on how fast the money was moved.

The legal armour for the citizen sits in the RBI Master Direction on Customer Protection for unauthorised electronic banking transactions (the operative circular is DBR.No.Leg.BC.78/09.07.005/2017-18 issued 6 July 2017, with subsequent updates). The framework sets three tiers of customer liability for third-party fraud where the deficiency is not on the customer's side.

1. Reported within 3 working days, customer liability is ₹0. The bank must credit the full amount within 10 working days of receiving the customer's complaint.
2. Reported within 4 to 7 working days, customer liability is capped (₹5,000 to ₹25,000 depending on account type and transaction value).
3. Reported after 7 working days, liability is decided per the bank's Board-approved policy and can be 100% on the customer.

Two important caveats. First, the clock starts when you receive the debit SMS or otherwise notice the transaction, not when the transaction actually happened. If the bank delayed your SMS, that is a bank deficiency and works in your favour. Second, what counts as “reporting” is contested in practice. The RBI circular language is broad: any of (a) bank email, (b) bank branch visit with written complaint, © 1930 helpline log, or (d) NCRP acknowledgement, with date-stamped proof, is reporting. Banks sometimes claim only a branch visit counts. They are wrong. Cite the circular by number when you push back. (Editor: please re-verify the exact circular number and any 2025-26 amendment before this article goes live; the 2017 master direction has been updated more than once and a corrigendum may apply.)

Useful sibling read: how the bank freeze process actually works after cyber fraud walks through the lien mechanics from the bank's side.

The single most common follow-up fraud is a “1930 callback” scam. After the real 1930 call, the citizen gets a second call from a spoofed number claiming to be from 1930 or the bank's fraud cell. The caller says “Sir, your case has been registered. To process your refund, please share the OTP you just received” or “Pay ₹10 verification fee on this link.”

Memorise the rule:

1. 1930 will never ask for an OTP.
2. 1930 will never ask for a UPI PIN.
3. 1930 will never ask for a card CVV or expiry.
4. 1930 will never ask you to install AnyDesk, TeamViewer, Quick Support, or any remote-access app.
5. 1930 will never ask for a refund-processing fee.
6. 1930 will never call you from a mobile number. The official line is 1930. Inbound calls are made from short-code identifiers, not 10-digit mobiles. If a 10-digit number claims to be 1930, it is fake.

If the caller pushes, hang up and dial 1930 again. Tell the new operator there has been a callback fraud attempt and ask for it to be linked to your original case.

Go to https://cybercrime.gov.in/ from a desktop if possible (the form is friendlier). Choose “Report Other Cyber Crime” then “Financial Fraud”. Use the same registered mobile you used on the call. Attach:

1. Debit SMS screenshots (all of them, in chronological order)
2. Bank statement for the 24 hours before and after the fraud
3. A typed narrative, one page, dry and factual
4. Any chat or call records with the fraudster
5. Screenshot of the fake page or app if you have one

Submit. You will see a complaint reference number on screen. Download the acknowledgement PDF. Save it on Drive and locally. This PDF is your most powerful single document for the next 6 months.

Walk into the branch where you hold the account. Carry the NCRP PDF, the debit SMS screenshots and a typed dispute letter. The letter should:

1. Quote the RBI Master Direction on Customer Protection by circular number
2. State the exact date and time you noticed the debit
3. Demand a provisional credit within 10 working days as per the circular
4. Ask for a written acknowledgement under the bank's Citizen Charter

Get the acknowledgement stamped and signed. If the branch manager refuses, escalate to the Nodal Officer the same day. The nodal officer details are on every bank's website under “Grievance Redressal”. The freeze account after fraud, bank process explained page has the full template letter.

Find your district cyber cell or CyPS (Cyber Police Station), most districts now have one. Carry the NCRP PDF, bank dispute acknowledgement, ID proof and the original SIM if SIM-swap is involved. Ask for the complaint to be converted into a CCTNS entry at minimum, and an FIR if eligible.

If the cyber cell refuses to register a complaint, file an online complaint with the State DGP's office and CC the MHA cyber wing at https://cybercrime.gov.in/. Under the Lalita Kumari v State of UP (2014) judgment, registration of an FIR is mandatory for a cognisable offence, cyber fraud qualifies.

This step is where most citizens stop, and where the most leverage actually sits. File an RTI under §6(1) of the RTI Act to the bank PIO asking for:

1. The action taken on your complaint dated [date]
2. Whether a lien was placed on the beneficiary account, and if yes, the date and time
3. Whether the beneficiary bank confirmed receipt of the lien request
4. The bank's internal SLA for processing such complaints and whether it was met
5. The reasons for any delay

The bank PIO must reply in 30 days. A non-reply or evasive reply is grounds for first appeal, which puts heavy pressure on the bank's grievance machinery. You can draft this RTI in 2 minutes using the AI RTI Drafter; select “Bank cyber-fraud refund” as the template.

Each of these shrinks the recovery window.

1. Panicking and not dialling immediately. Every minute lost is real money lost. Dial first, cry later.
2. Deleting the WhatsApp chat or SMS with the fraudster. The chat is evidence. Take screenshots before doing anything else.
3. Withdrawing the remaining balance from the same account to “save it”. A sudden withdrawal looks suspicious to the bank's fraud team and slows your own refund.
4. Calling the fraudster's number back to threaten or negotiate. This warns the gang and helps them move money faster.
5. Sharing the OTP a second time to a follow-up “1930 helpline” call. (See the previous section.)
6. Posting the complaint number on social media. Fraudsters monitor public posts for fresh victims.
7. Skipping the NCRP filing because the 1930 call “felt like enough”. The portal complaint is the paper trail the bank cannot deny.
8. Not visiting the branch in person. Email-only complaints get buried in nodal-officer queues.
9. Cancelling the SIM before exporting the SMS. Export and back up the SMS history before reissuing. See SIM swap fraud recovery guide.
10. Filing under the wrong category on NCRP. Pick “Financial Fraud”, not “Other” and not “Cyber Bullying”. Wrong category routing adds days.

The helpline gets very high call volumes at peak fraud hours, especially 9 PM to 1 AM and weekends. If the line is busy:

1. Redial every 60 seconds. Most callers get through within 5 attempts.
2. In parallel, open https://cybercrime.gov.in/ on a second device and start the complaint there. Do not wait for the call. The portal complaint also triggers the lien workflow.
3. SMS your bank's official fraud short-code (it is on the back of your debit card and in the app). For example HDFC: 5676712, SBI: 567676, ICICI: 5676766, Axis: 56161600. The format is usually `BLOCK [last 4 digits]` or `STOP [card number]`. This freezes your card and account immediately, independent of the 1930 call.
4. Call the bank's 24×7 fraud helpline. Every Indian bank has one, the number is on every debit card. This will not place a beneficiary lien (only 1930 / NCRP can), but it stops further outgoing transactions from your own account.

When you do get through to 1930 on retry, mention you tried earlier and quote the time. The operator can timestamp your case from the first attempt, which protects your golden-hour math.

If the SMS shows a debit but no merchant name, the case may be a UPI Lite glitch or a mandate auto-debit, not a fraud. Read UPI deducted but not received, action plan first. Some resolve in 48 hours through the bank's normal dispute process.

AEPS frauds drain the account via biometric impersonation at a banking correspondent's micro-ATM. The script is similar but you must also lock your Aadhaar biometric at https://myaadhaar.uidai.gov.in/ within 30 minutes. See AEPS Aadhaar fraud recovery.

If your phone showed “No service” before the debit, this is SIM swap. Visit the telecom store before the bank visit; without a working SIM the bank's OTP dispute flow stalls. Full process in SIM swap fraud recovery guide.

After 10 working days, if the bank denies or delays the refund despite a within-3-day report, escalate to the Banking Ombudsman under the RBI Integrated Ombudsman Scheme 2021. File at https://cms.rbi.org.in/. The banking ombudsman complaint guide has the full template.

The statutes and circulars that work in the citizen's favour.

1. Information Technology Act 2000, §66C (identity theft, 3 years + ₹1 lakh fine), §66D (cheating by personation using computer resource, 3 years + ₹1 lakh fine). These are the operative IT Act sections for online financial fraud.
2. Bharatiya Nyaya Sanhita 2023, §318 (cheating, up to 7 years), §319 (cheating by personation, up to 5 years). Replaces the older IPC §420 from 1 July 2024.
3. Bharatiya Nagarik Suraksha Sanhita 2023, §106 allows a Magistrate to direct attachment of a bank account believed to hold proceeds of crime. This is the legal hook that extends the temporary lien into a court-ordered freeze.
4. RBI Master Direction on Customer Protection, DBR.No.Leg.BC.78/09.07.005/2017-18 dated 6 July 2017 (and updates). The zero-liability provisions discussed above. (Editor: confirm current dated version on www.rbi.org.in before publish.)
5. RBI Integrated Ombudsman Scheme 2021, the escalation route when the bank refuses or delays.
6. Lalita Kumari v State of UP (2014) 2 SCC 1, Supreme Court ruling that registration of an FIR is mandatory for cognisable offences. Cite this if the cyber cell refuses to register your complaint.

A typed copy of this letter, on a plain sheet, given at the branch counter with stamped acknowledgement.

To,
The Branch Manager,
[Bank name], [Branch name and address]
Date: [DD MMM 2026]

Subject: Unauthorised electronic banking transaction, request for
zero-liability refund under RBI Master Direction DBR.No.Leg.BC.78/
09.07.005/2017-18 dated 6 July 2017, Account number [last 4 digits
of account]

Sir/Madam,

I am the holder of savings account number [last 4 digits] at your
branch. On [date] at [time], I noticed an unauthorised debit of
₹[amount] from my account via [UPI/IMPS/card/AEPS]. The transaction
reference numbers are:
1. UTR [number] for ₹[amount] at [time]
2. UTR [number] for ₹[amount] at [time]

I reported the fraud to:
1. The National Cyber Crime Helpline 1930 at [time] on [date].
   Complaint reference: [14-digit number].
2. The NCRP portal at https://cybercrime.gov.in/ on [date].
   Acknowledgement number: [number]. PDF enclosed.

As the report was made within 3 working days of noticing the
unauthorised transaction, my liability is ₹0 under the RBI Master
Direction cited above. I request:

(a) A provisional credit of ₹[total amount] to my account within
    10 working days as per the circular;
(b) A written status update on the bank's lien request to the
    beneficiary bank;
(c) Acknowledgement of this complaint under the Citizen Charter.

I enclose: NCRP acknowledgement PDF, debit SMS screenshots, my
ID proof.

Yours faithfully,
[Name]
[Signature]
[Mobile number]
[Email]

Yes. The helpline is toll-free from every Indian mobile and landline network. There is no charge to register a complaint. If anyone asks for a “registration fee” or a “case fee” after the call, it is a fraud, see the OTP-and-payment section above.

You can, but the recovery odds are much lower. The temporary lien works best within 60 minutes; after 7 working days the money is usually moved beyond reach. Still call, still file on NCRP, and still visit the cyber cell, the case may be merged with other complaints against the same fraudster ring and recovery sometimes happens months later. Your right to a refund under the RBI circular shrinks but does not disappear.

Push back politely. 1930 has no minimum threshold for registering a complaint. If the operator pushes you off, ask for their employee ID and ask to be transferred to a supervisor. As a fallback, file directly on https://cybercrime.gov.in/, the portal accepts complaints of any value.

Not directly, the short code does not route from international networks. Use https://cybercrime.gov.in/ instead. The portal works from any country and the workflow is identical. You will need an Indian mobile number on file with your bank to receive verification SMS during follow-up; have a family member in India keep the SIM active.

No. Your complaint is routed only to the beneficiary bank's fraud cell and the I4C back office. If a caller later claims to “have your file” and asks for an OTP, that is a separate fraud, not a leak from 1930.

Optional but useful. Most Android phones record calls natively. If a dispute arises later about whether you reported within 3 days, a timestamped recording is conclusive evidence. The 1930 control room also records every call, and you can request the recording via RTI to I4C, see the citizen RTI playbook for how.

100 is the police emergency line for any crime. 1930 is the specialised cyber-fraud helpline with direct hooks into the banking system for lien placement. For a financial cyber crime, dial 1930 first. If there is a parallel safety threat (a kidnapping, a physical extortion attempt) dial 100 as well.

The lien at the beneficiary bank is a separate action from the refund at your bank. The refund is your own bank's obligation under the RBI Master Direction. Banks sometimes argue the refund waits for the lien to “succeed”, but the circular does not say that. Reporting within 3 working days entitles you to provisional credit within 10 working days. If your bank refuses, escalate to the Banking Ombudsman.

You can still call 1930. If the relative was misled (their account used as a mule without their knowledge) the investigation will sort that out. If the relative was complicit, the lien will sit on their account regardless. Read the bank freeze process after cyber fraud guide before deciding.

For Indian-bank-routed payments, yes. For crypto wallet drains and offshore exchanges, the lien mechanism does not reach, there is no Indian bank in the chain. File on https://cybercrime.gov.in/ anyway, but expect the recovery odds to be slim. The case may still be useful for prosecution if the fraudster is in India.

Yes. The Indian Cyber Crime Coordination Centre is a public authority under the MHA and is subject to the RTI Act. File an RTI 30 days after your complaint, asking for the action taken, the date the lien was raised, and the beneficiary bank's response. Use the AI RTI Drafter with “I4C cyber fraud status” as the template. See also the case database pillar for prior orders against delaying banks.

1. Dial 1930 if you have not already. Read the script above while it rings.
2. Open https://cybercrime.gov.in/ on a second device and start the portal complaint in parallel.
3. Screenshot every debit SMS and the bank statement for the last 24 hours.
4. SMS your bank's fraud short-code to block further outgoing transactions.
5. Print 3 copies of the typed bank complaint letter for the morning branch visit.
6. Save the 1930 complaint number in three places: notepad, email draft, photo on phone.

1. https://cybercrime.gov.in/, National Cyber Crime Reporting Portal, I4C, Ministry of Home Affairs
2. https://www.mha.gov.in/en/divisionofmha/cyber-and-information-security-cis-division, MHA Cyber and Information Security Division
3. https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=11040, RBI Master Direction on Customer Protection, DBR.No.Leg.BC.78/09.07.005/2017-18 (editor: verify current dated version)
4. https://cms.rbi.org.in/, Reserve Bank of India Integrated Ombudsman Scheme portal
5. https://myaadhaar.uidai.gov.in/, UIDAI biometric lock (for AEPS-linked frauds)
6. Information Technology Act 2000, https://www.indiacode.nic.in/handle/123456789/1999
7. Bharatiya Nyaya Sanhita 2023, https://www.indiacode.nic.in/handle/123456789/20062
8. Bharatiya Nagarik Suraksha Sanhita 2023, https://www.indiacode.nic.in/handle/123456789/20063
9. Lalita Kumari v State of UP (2014) 2 SCC 1, https://main.sci.gov.in/

1. How the bank freeze process works after cyber fraud, the sibling flagship
2. UPI deducted but not received, action plan
3. AEPS Aadhaar fingerprint fraud recovery
4. SIM swap fraud recovery guide
5. Freeze account after fraud, the bank process explained
6. Recover money from UPI fraud, 2026 playbook
7. Banking Ombudsman complaint guide for India
8. The citizen RTI playbook
9. RTI Wiki case database

Last reviewed: 15 May 2026. RTI Wiki editorial team.