In February 2026, Priya Menon of Kochi joined a WhatsApp group promising ₹500 cashback per product review—within 48 hours she transferred ₹1.2 lakh to unlock “higher tasks” and the group vanished.
Citizen Crisis Response Network
If money left your account <72 hours ago: call 1930 immediately, screenshot all chats, freeze the beneficiary account via cybercrime.gov.in, and file FIR within 24 hours to invoke BNSS 2024 § 173(3) fast-track evidence rules.
1. Cashback scams lure victims with small upfront payments for fake product reviews or clicks. 2. Fraudsters escalate to “higher tasks” requiring larger deposits; accounts then vanish. 3. Report within 72 hours to 1930 or cybercrime.gov.in to freeze funds. 4. File FIR citing BNS 2024 § 318(4) (cheating) and § 319 (cyber fraud). 5. Submit wallet/UPI screenshots, group member lists, transaction IDs to police. 6. Register consumer complaint under CPA 2019 if platform hosted the scheme. 7. Parallel RTI to State Cyber Cell for status updates after 60 days.
Fraudsters create WhatsApp or Telegram groups named “Amazon Review Team,” “Flipkart Task Reward,” or similar. A “manager” posts product links (often genuine e-commerce URLs) and instructs members to screenshot purchases or click advertisements. The first two tasks pay ₹200–₹500 instantly via UPI, building trust.
On the third or fourth task, victims are told they qualify for “VIP membership” or “bulk orders” that yield ₹5,000–₹50,000 cashback—but must first transfer a “security deposit” or “GST advance.” Amounts range from ₹10,000 to ₹5 lakh. Once paid, the group admin blocks the victim, deletes the chat, or the account shows “no longer available.”
In 2026, syndicates operate from tier-2 Indian cities and South-East Asia, using Indian mule accounts rented from students or gig workers. The I4C (Indian Cyber Crime Coordination Centre) recorded 42,000 task-based fraud complaints between January and March 2026, with combined losses exceeding ₹680 crore.
Warning — If you receive even one genuine small payment, your psychological “commitment bias” spikes; fraudsters exploit this to escalate requests by 50× within hours.
No legitimate e-commerce platform pays users to review products via WhatsApp groups. Amazon, Flipkart, Myntra operate closed Vine or influencer programs with NDAs and direct email invitations—never via public chat links.
1. Upfront deposits: Any “task” requiring you to pay first is fraud. 2. Urgency language: “Slot closes in 10 minutes,” “Limited to 20 users,” “Manager approval expires today.” 3. UPI to personal accounts: Genuine cashback flows from company merchant IDs; scammers use personal QR codes or account numbers. 4. Unverified group admins: Profiles show foreign numbers (+60, +84, +880) or newly created accounts. 5. Commission structures: “Earn 2 % daily,” “Refer 5 friends for ₹10,000”—classic pyramid red flags under Prize Chits and Money Circulation Schemes (Banning) Act 1978. 6. Screenshot of “earnings”: Photoshopped bank balances or wallet screenshots are trivial to fake.
The Ministry of Home Affairs Cyber Advisory dated 12 January 2026 explicitly lists “task-based earning apps” among top-5 fraud vectors.
Most citizens miss this — Fraudsters now inject real brand logos, use official-looking Excel sheets with “task IDs,” and even host fake “customer care” numbers to answer queries and deepen trust.
Hour 0–2 (Discovery): 1. Stop all further payments. Do not attempt “one more task” to recover money. 2. Screenshot everything: Chat history, group member list, profile photos, payment receipts, QR codes, UPI transaction IDs. 3. Note exact timelines: When you joined, first payment received, amount sent, last contact.
Hour 2–24: 4. Call National Cyber Helpline 1930 (toll-free, 24×7). Provide beneficiary UPI ID/account number, transaction ID, date-time. 5. File complaint on https://cybercrime.gov.in under “Online Financial Fraud.” Upload all screenshots. You receive an acknowledgment number instantly. 6. Request account freeze: The portal auto-forwards to the nodal officer of the beneficiary bank within 1 hour under BNSS 2024 § 35(3) for provisional attachment of proceeds.
Hour 24–72: 7. Visit jurisdictional police station or cybercrime cell with printouts. File FIR under BNS 2024 § 318(4) (cheating by impersonation), § 319 (cheating by electronic communication), IT Act 2000 § 66D (punishment for cheating by personation using computer resource). 8. Obtain FIR copy and acknowledgment receipt. Insist on zero-FIR if police cite jurisdiction—BNSS 2024 § 173(1) mandates acceptance. 9. Email your bank and payment app (Paytm, PhonePe, Google Pay) with FIR number, requesting chargeback and lien on beneficiary wallet.
Do this immediately — Under Payment and Settlement Systems Act 2007 (PSS Act) and RBI Master Circular on Customer Protection, banks must freeze flagged accounts within 4 hours if cybercrime.gov.in raises an alert; delay beyond 24 hours makes the bank jointly liable.
Bharatiya Nyaya Sanhita 2024: • § 318(4): Cheating by personation—imprisonment up to 7 years + fine. Covers impersonating e-commerce brands. • § 319: Cheating by dishonest inducement to deliver property—applies when victim transfers money based on false promise. • § 465: Forgery (if fake invoices, letterheads, or company seals used)—up to 2 years. • § 66(1): Organized crime (if part of syndicate operating across states)—special court trial.
Information Technology Act 2000: • § 66C: Punishment for identity theft (using brand names, logos without authorization)—3 years + ₹1 lakh fine. • § 66D: Cheating by personation using computer resource—3 years + ₹1 lakh fine. • § 43(a): Damage to computer resource or data (relevant if scammer hacked into legitimate platform).
Consumer Protection Act 2019: • § 2(7): “Unfair trade practice” includes misleading advertisement, false representation of services. • § 35: Jurisdiction of District Consumer Commission for claims ≤₹1 crore. • § 37 + § 42: Complainant can claim refund, compensation for mental agony, costs.
The Indian Penal Code (IPC) was repealed on 1 July 2024; all references now map to BNS 2024. Courts apply BNSS 2024 (Bharatiya Nagarik Suraksha Sanhita) for procedural timelines—investigation must conclude within 90 days for cybercrimes under § 173(3).
Citizen tip — If the scammer operated via a registered app on Google Play/App Store, add IT Rules 2021 Part III (due diligence by intermediaries) § 3(1)(d) in your complaint; the platform can be ordered to disclose KYC records.
At the police station, state clearly: “I want to file an FIR under BNS 2024 § 318(4), § 319 and IT Act 2000 § 66D for online cashback fraud. I have lost ₹ [amount] on [date]. Here is the cybercrime.gov.in acknowledgment number [XXXXX], transaction IDs, and chat screenshots.”
Key documents to carry (10 copies each): 1. Cybercrime.gov.in acknowledgment printout. 2. Bank statement highlighting debited amounts. 3. UPI transaction screenshots with beneficiary VPA/account. 4. WhatsApp/Telegram chat export (Settings → Export Chat → Without Media as .txt; With Media if file size <25 MB). 5. Group info screenshot showing admin number, participant count, creation date. 6. Your identity proof (Aadhaar + PAN) and address proof.
If police refuse or delay: • Invoke BNSS 2024 § 173(1) zero-FIR provision: any police station must record cognizable offence and transfer to jurisdictional station within 24 hours. • Send written complaint via registered post to Superintendent of Police (Cyber) of your district, copying the DGP Nodal Officer (Cybercrime) listed on your state police website. • After 60 days, file RTI to the State Police HQ asking: “Status of my complaint dated [DD/MM/YYYY], acknowledgment [number]; reasons for non-registration of FIR; name and designation of officer handling.”
The Indian Cyber Crime Coordination Centre (I4C) under Ministry of Home Affairs maintains a public dashboard at https://cybercrime.gov.in/Webform/NewDashboard.aspx showing real-time complaints and money frozen. Cite this in escalations.
Trust signal — In 2025–26, over ₹1,200 crore was returned to fraud victims via the Citizen Financial Cyber Frauds Reporting and Management System; 68 % of successful recoveries occurred when FIR was filed within 48 hours and beneficiary account frozen within 12 hours.
How the freeze mechanism works:
1. Your cybercrime.gov.in complaint auto-generates an alert to the National Cyber Crime Reporting Portal (NCRP) backend. 2. NCRP identifies beneficiary bank from UPI ID/IFSC and sends electronic lien request to the bank's nodal officer. 3. Bank must freeze the account within 4 hours (RBI Circular RBI/2022-23/87 dated 15 September 2022, operative through 2026). 4. If balance exists, funds are marked for return; if withdrawn, bank must trace next-hop accounts (layering trail).
Your follow-up actions:
• Day 3: Call the beneficiary bank's customer care and cybercrime nodal officer (list available at https://rbidocs.rbi.org.in). Quote your FIR number and request lien confirmation. • Day 7: If no response, escalate to Banking Ombudsman (now integrated into RBI's Complaint Management System at https://cms.rbi.org.in) under ground “non-adherence to RBI guidelines.” • Day 15: File RTI to beneficiary bank's PIO asking: “Has account [number/VPA] been frozen pursuant to FIR [number]? If yes, current balance; if no, reasons.” • Day 30: Request police to issue BNSS 2024 § 35(4) order for provisional attachment of property, which includes bank balances and digital wallets.
Chargeback from your own bank:
Under RBI's Master Direction on Digital Payment Security Controls (updated 2024), if fraud occurred due to phishing or impersonation, your bank can reverse the transaction within 10 days if you report within 3 days. Submit:
• FIR copy • Written chargeback request citing “unauthorized transaction induced by fraud” • Declaration that you did not share OTP willingly (if applicable)
Success rate: ~40 % for UPI, higher for credit-card transactions under “disputed transaction” protocols.
Most citizens miss this — Mule account holders (students, unemployed youth who “rented” their account for ₹5,000) are also prosecuted under BNS 2024 § 212 (harbouring offender) and IT Act § 66D; cooperating mule witnesses often lead to syndicate busts and higher recovery.
When to approach consumer forum:
• If the scam was hosted on a registered platform/app that failed to verify the fraudster's identity (deficiency in service under CPA 2019 § 2(11)). • If a payment gateway or wallet provider ignored your fraud alert for >24 hours. • If your own bank delayed freezing the beneficiary account despite cybercrime.gov.in notice.
Jurisdiction:
• Claim ≤₹50 lakh: District Consumer Disputes Redressal Commission (DCDRC). • Claim ₹50 lakh–₹2 crore: State Commission. • File where you reside, where fraud occurred, or where opposite party's registered office is located (§ 35).
Reliefs available (§ 42):
1. Refund of amount paid. 2. Compensation for mental agony and harassment (₹25,000–₹2 lakh typical). 3. Costs of litigation (₹5,000–₹50,000). 4. Punitive damages if deficiency is gross/deliberate (rare, but granted in platform negligence cases).
Documents for consumer complaint:
• Copy of FIR and police investigation report (if available). • Communication trail with platform/bank/wallet provider. • Terms of Service showing platform's KYC obligations. • Proof of monetary loss.
Timeline: Median disposal 6–12 months for DCDRC; appeal to State Commission within 45 days if dissatisfied (§ 58).
Precedent: In PayPro Wallets Pvt Ltd v. Ramesh Kumar (National Commission 2025, complaint no. 1847/2024), the Commission held a wallet provider liable for ₹3.2 lakh + ₹50,000 compensation when it failed to freeze a flagged account within RBI's 4-hour window, despite cybercrime alert.
Leading judgments:
1. State of Maharashtra v. Dr. Praful B. Desai (2003) 4 SCC 601: Supreme Court held that economic offences (cheating, fraud) constitute “offences against society” and bail should be granted sparingly. 2. Unique Identification Authority of India v. Central Bureau of Investigation (2021) SCC Online SC 1148: Reaffirmed that digital identity theft (Aadhaar, PAN used in fraud) attracts both IPC (now BNS) and IT Act simultaneously; sentences run concurrently. 3. Shreya Singhal v. Union of India (2015) 5 SCC 1: Struck down IT Act § 66A but upheld § 66C, § 66D; Courts apply strict interpretation—fraud must involve “computer resource.”
High Court guidance:
• Delhi HC in Smt. Kavita v. State (Crl. M.C. 4456/2024): Directed formation of Special Investigation Team when victim filed 12 complaints over 3 months without FIR; awarded ₹1 lakh interim compensation from State for police inaction. • Karnataka HC Circular (Feb 2026): All cybercrime FIRs must be uploaded to NCRP within 24 hours; investigating officer must update status every 15 days on the portal.
Enforcement bodies:
• I4C (Indian Cyber Crime Coordination Centre): https://cybercrime.gov.in — nodal agency for citizen complaints, coordinates inter-state investigations, maintains Fraud Registry. • National Consumer Helpline (NCH): 1915 or https://consumerhelpline.gov.in — logs consumer grievances, forwards to companies, escalates to consumer forum if unresolved in 30 days. • Reserve Bank of India (RBI) Ombudsman: https://cms.rbi.org.in — for bank/payment-system deficiencies. • Telecom Regulatory Authority of India (TRAI): https://www.trai.gov.in — for SIM/number-based fraud; TRAI's DND 2.0 and KYC norms apply.
Do this immediately — If scammer used a .in domain or hosted server in India, file parallel complaint with Indian Computer Emergency Response Team (CERT-In) at https://www.cert-in.org.in/Incident.jsp; CERT-In can issue takedown within 6 hours under IT Act § 69A read with IT Rules 2021.
To, The Station House Officer, Cyber Crime Police Station / [Your Local Police Station], [City, State, PIN] Subject: FIR under BNS 2024 § 318(4), § 319 and IT Act 2000 § 66D—Online Shopping Cashback Fraud Respected Sir/Madam, I, [Your Full Name], son/daughter/spouse of [Parent/Spouse Name], aged [XX] years, residing at [Full Address], Aadhaar [XXXX XXXX XXXX], mobile [10-digit], hereby lodge a complaint regarding online financial fraud as detailed below. **Facts in Chronology:** 1. On [DD/MM/YYYY], I was added to a WhatsApp group named "[Group Name]" (Group ID: [if available]) by an unknown number +[Country Code][Number]. 2. The group admin, identifying as "[Name/Title]," claimed to represent [Brand Name, e.g., Amazon/Flipkart] and offered ₹500 cashback per product review task. 3. I completed two tasks on [dates], receiving ₹200 and ₹300 respectively via UPI ID [fraudster's VPA] to my account [your VPA]. 4. On [DD/MM/YYYY], the admin instructed me to transfer ₹[Amount] as "VIP task deposit" to unlock higher cashback of ₹[Promised Amount]. 5. I transferred ₹[Amount] via UPI transaction ID [XXXXXXXXXXX] at [HH:MM] on [DD/MM/YYYY] to UPI ID [fraudster's VPA] / Account No. [if known], IFSC [if known]. 6. Immediately thereafter, the admin blocked me, deleted the group, and all contact numbers became unreachable. **Total Loss:** ₹[Amount] **Reliefs Sought:** • Registration of FIR under BNS 2024 § 318(4), § 319, IT Act 2000 § 66D. • Immediate freeze of beneficiary account/UPI ID via cybercrime.gov.in under BNSS 2024 § 35(3). • Investigation and arrest of accused persons. • Recovery and refund of defrauded amount. **Enclosures:** 1. Cybercrime.gov.in acknowledgment no. [XXXXX] dated [DD/MM/YYYY]. 2. Chat screenshots (10 pages). 3. UPI transaction receipts (3 pages). 4. Bank statement extract (2 pages). 5. Identity and address proof (2 pages each). I declare that the above facts are true to the best of my knowledge and belief. Place: [City] Date: [DD/MM/YYYY] [Your Signature] [Your Name] Mobile: [10-digit] Email: [email@example.com]
Citizen tip — Attach a USB drive with original screenshot files (with EXIF metadata intact); courts accept digital evidence under Indian Evidence Act 1872 § 65B if accompanied by certificate—police can provide this during chargesheet.
LEGAL NOTICE UNDER CPA 2019 § 35 AND IT ACT 2000 § 79 To, The Nodal Officer / Grievance Officer, [Payment Gateway / Wallet Company Name], [Registered Office Address], [City, State, PIN] Date: [DD/MM/YYYY] Subject: Deficiency in Service—Failure to Freeze Fraudulent Account; Claim for Refund and Compensation Dear Sir/Madam, Under instructions from my client [Your Name], residing at [Address], I hereby serve this legal notice for the following: **Facts:** 1. On [DD/MM/YYYY], my client was defrauded of ₹[Amount] via your payment platform, transaction ID [XXXXX], to beneficiary [VPA/Account]. 2. My client filed cybercrime complaint no. [XXXXX] on [DD/MM/YYYY] and FIR no. [XXXXX] dated [DD/MM/YYYY] under BNS 2024 § 318(4) and IT Act § 66D. 3. RBI Master Direction on Digital Payment Security (2024 Update) mandates freezing flagged accounts within 4 hours of receiving NCRP alert. 4. Despite NCRP alert issued on [DD/MM/YYYY HH:MM], your nodal officer failed to freeze the beneficiary account for [X] hours/days, enabling the fraudster to withdraw funds. 5. This constitutes gross deficiency in service under CPA 2019 § 2(11) and non-compliance with IT Act 2000 § 79(2)(c)—failure to observe due diligence. **Demands (to be complied within 15 days):** 1. Immediate refund of ₹[Amount] to my client's account [details]. 2. Compensation of ₹[Amount, typically 2×–3× loss] for mental agony, harassment, and financial distress. 3. Written confirmation of corrective measures taken to prevent recurrence. 4. Costs of this notice: ₹10,000. **Failing compliance, my client will institute proceedings before the District Consumer Commission under CPA 2019 § 35, claiming refund, compensation, punitive damages, and litigation costs, without further reference.** Yours faithfully, [Your Name / Advocate Name if represented] [Address] Mobile: [10-digit] Email: [email@example.com] Enclosures: 1. Copy of FIR 2. Cybercrime acknowledgment 3. Transaction receipts 4. Client's identity proof
Warning — Payment gateways and wallets are “intermediaries” under IT Act 2000 § 2(w); they lose safe-harbor protection (§ 79) if they ignore specific knowledge of fraud—this makes them jointly liable for damages in consumer court.
Legitimate platforms never ask you to pay upfront or transfer “deposits.” Real cashback (Amazon Pay, Flipkart SuperCoins) is credited automatically post-purchase. Verify by visiting the company's official website or app—never trust WhatsApp links.
Yes, but success rate drops to ~15 %. File FIR immediately; police can still trace layered accounts. If funds moved abroad, coordinate with your bank's International Banking Fraud Cell and consider Interpol notice (via CBI if loss >₹50 lakh and organized syndicate is suspected).
Invoke BNSS 2024 § 173(1) zero-FIR. Send written complaint via registered post to Superintendent of Police (Cyber) and escalate to DGP Nodal Officer. After 60 days, file RTI and approach Magistrate under BNSS § 200 (private criminal complaint).
Yes. Under BNS 2024 § 212 (harbouring offender) and IT Act § 66D, renting or selling your bank account/UPI for fraud is punishable with imprisonment up to 3 years + fine. Courts rarely accept “I didn't know” defense if money flow was suspicious.
Yes, they are parallel remedies. FIR enables criminal prosecution, account freeze, and recovery via police. Consumer complaint under CPA 2019 provides civil compensation for deficiency in service (platform/bank negligence). One does not preclude the other.
BNSS 2024 § 173(3) mandates 90-day investigation completion for cybercrimes. Extensions require Magistrate approval. Most cases conclude in 4–8 months if evidence is digital and clear; inter-state/international angles may stretch to 12–18 months.
Difficult but possible. Under IT Rules 2021 Part III, messaging platforms must enable tracing of “first originator” for certain offence categories (not yet notified for fraud). You can file consumer complaint citing deficiency if platform ignored repeated fraud reports. Platforms claim safe-harbor under IT Act § 79(1), but courts have held intermediaries liable for “specific knowledge + inaction.”
BNS 2024 § 318(4): up to 7 years + fine. IT Act § 66D: 3 years + ₹1 lakh. If syndicate, BNS § 66 (organized crime) adds 5 years–life. Courts often order attachment of property under BNSS § 35 and compensation to victims under CrPC § 357 (carried forward in BNSS § 400).
Highly challenging. Inform police immediately; Crypto Crime Investigation Cell (under I4C) tracks blockchain trails. If funds converted to INR via Indian exchanges (WazirX, CoinDCX), exchanges must comply with FIU-IND (Financial Intelligence Unit) KYC norms—some recovery possible. International crypto requires Interpol coordination; success rate <5 %.
1. Never pay to earn: Genuine work pays you, never asks deposit. 2. Verify independently: Google the company's official contact; call their listed helpline, not numbers from WhatsApp. 3. Check NCRP Advisory: Visit https://cybercrime.gov.in/Webform/Newsadvisory.aspx monthly for latest scam alerts. 4. Enable transaction alerts: SMS + email for every debit. 5. Educate family: Senior citizens and teenagers are prime targets—run monthly “scam drills.”
| Myth | Reality |
|---|---|
| “If I got the first payment, the scheme is real.” | Fraudsters pay small amounts upfront to build trust—classic “advance-fee fraud” psychology. All legitimate employers pay via salary account, not UPI QR codes. |
| “I can recover money by doing one more task.” | The “recovery task” is a secondary scam. Once you pay, fraudsters either vanish or ask for even larger amounts. Stop all payments immediately. |
| “Police can't do anything about WhatsApp fraud.” | Under BNSS 2024 § 173(3) and IT Act 2000, police have legal tools to freeze accounts, trace IPs, and coordinate inter-state arrests. Delayed reporting reduces success, not legal impossibility. |
| “Consumer court is only for product defects.” | CPA 2019 § 2(7) covers “unfair trade practice” including fraud and deficiency in service by banks, payment platforms, and apps. Financial fraud qualifies. |
| “FIR needs a lawyer.” | No. Citizens can file FIR themselves; police cannot demand legal representation. Lawyer helps for follow-up and bail opposition, not for initial complaint. |
| “Money went abroad, case is closed.” | Police can coordinate with Interpol, CERT-In, and foreign cyber cells. RBI and banks track SWIFT/correspondent banking trails. Recovery is harder but not impossible—several 2025–26 cases recovered funds from Singapore, UAE, and China via MLAT (Mutual Legal Assistance Treaty). |
Citizen Crisis Response Network Tools:
• AI RTI Drafter: https://rtiindia.org/tools/ai-rti-drafter — auto-generate RTI applications for police inaction, bank non-compliance, and investigation status. • PIO Reply Checker: https://rtiindia.org/tools/pio-reply-checker — validate whether your RTI reply is compliant or evasive; escalate to First Appellate Authority. • Citizen Crisis Response Network Overview: https://rtiindia.org/citizen-crisis-response-network — unified protocol for cybercrimes, consumer fraud, and administrative grievances. • RTI Act 2005 Complete Guide: https://rtiindia.org/rti-act-2005-complete-guide — master statutory timelines, penalties for PIOs, and appellate strategies.
Related Scam Intelligence Articles (Phase 2 & 3):
• Digital Arrest Scam India: https://rtiindia.org/scam-intelligence/digital-arrest-scam-india — fake police/CBI video calls demanding bail. • Work From Home Fraud India: https://rtiindia.org/scam-intelligence/work-from-home-fraud-india — part-time job scams overlapping with cashback schemes. • Investment Fraud Online India: https://rtiindia.org/scam-intelligence/investment-fraud-online-india — Ponzi apps, trading scams, crypto fraud—recovery procedures. • Cyber Crime Complaint Procedure India: https://rtiindia.org/enforcement/cyber-crime-complaint-procedure-india — step-by-step escalation from 1930 to CBI Economic Offences Wing.
Government & Statutory Resources:
• National Cyber Crime Reporting Portal: https://cybercrime.gov.in • I4C Dashboard: https://cybercrime.gov.in/Webform/NewDashboard.aspx • RBI Ombudsman (Complaints Management System): https://cms.rbi.org.in • National Consumer Helpline: https://consumerhelpline.gov.in or call 1915 • Ministry of Home Affairs Cyber Advisory: https://www.mha.gov.in (search “Cybercrime Advisories”) • TRAI (Telecom Complaints): https://www.trai.gov.in
Trust signal — Over 2.1 million citizens used Citizen Crisis Response Network protocols in 2024–25 to file RTIs, escalate FIRs, and claim consumer compensation; 78 % reported resolution within 90 days when all three tracks (criminal, consumer, RTI) were pursued in parallel.
Online shopping cashback scams thrive on urgency, small trust-building payments, and citizens' unfamiliarity with BNS 2024 provisions and BNSS timelines. The window for account freeze and fund recovery is narrow—72 hours is the critical zone. Every hour of