Fake Electricity Disconnection Call Scam India (2026)

A common version of this scam goes like this: a consumer in a city gets a call from a number such as “03342788900” claiming his ₹8,200 arrears will trigger disconnection within two hours unless he pays ₹12,000 by UPI to “avoid reconnection charges.” The caller already knows his consumer number, his last bill date and the name on the meter. The illustration below is a composite of how these calls typically run; the legal points apply to any such call.

Citizen Crisis Response Network
Do not disconnect the call immediately — note caller ID, time, exact demand, app name, UPI handle and bank details; record the call if your State allows one-party consent; take a screenshot of the incoming-call screen; then hang up and verify arrears directly on your DISCOM's official mobile app or website.

1. Scammers impersonate electricity-distribution company (DISCOM) officials, cite fake “outstanding dues” and threaten immediate disconnection. 2. They obtain partial consumer details from public complaint portals or data breaches. 3. Victims are pressured to transfer money via UPI, QR codes or “re-registration fees.” 4. Real DISCOMs issue a written notice (at least 15 clear days) before disconnection for non-payment under Electricity Act 2003 s.56(2) and never demand instant payment by phone. 5. Report to cybercrime.gov.in / call 1930 as soon as possible, and inform your State DISCOM's vigilance cell. 6. File an FIR citing BNS 2023 s.318(4) (cheating and dishonestly inducing delivery of property), s.319(2) (cheating by personation) and IT Act 2000 s.66D. 7. Pursue account freeze and recovery through the National Cyber Crime Reporting Portal (NCRP) and your bank's fraud helpline.

• How the fake electricity disconnection scam works
• Why these scams succeed—psychological triggers
• Legal framework: BNS 2023, IT Act & Electricity Act 2003
• Step-by-step immediate response checklist
• Filing an FIR and NCRP complaint
• DISCOM complaint and consumer grievance redress
• Prevention: How to verify legitimate DISCOM communication
• Recovery options if money was transferred
• Frequently asked questions
• Myth vs reality table
• Internal links and tools

The attacker begins with reconnaissance. Consumer Account Numbers (CAN) and names can leak through:

1. Publicly visible complaint tickets on DISCOM portals.
2. Data-broker aggregators scraping electricity-bill PDFs shared on unencrypted forums.
3. Insider complicity at meter-reading or billing agencies.

Armed with your CAN, the caller often uses Voice-over-IP (VoIP) technology to spoof a number that looks like the DISCOM's customer-care line. The display may read “BSES Rajdhani” or “Tata Power” or “UPPCL”, or a familiar landline prefix (0120, 033, 079), generating instant trust.

Phase one: Verification theatre. “Good afternoon, am I speaking to Mr [name], consumer number 1234567890? Yes sir, we see your last payment was on 15 January. There is a pending balance of ₹8,200.” The specifics paralyse scepticism.

Phase two: Urgency injection. “Sir, as per the disconnection order, if payment is not received within two hours, the field team will cut supply today itself. After disconnection, the reconnection fee is ₹5,000 plus ₹2,000 inspection charges.”

Phase three: Payment redirection. “To stop the order immediately, pay ₹12,000 right now via UPI to our recovery department. I will send you the QR code on WhatsApp.” Alternatively: “Download TeamViewer so I can help you pay through the portal.” (This grants full device access.)

Once money transfers, the fraudster vanishes. DISCOM customer care, when contacted, confirms: “No such arrears. No disconnection order. Not our number.”

Warning — A legitimate DISCOM will never accept payment on a personal UPI handle, through QR codes sent via WhatsApp, or demand reconnection fees upfront. Statutory procedure requires a written notice under the Electricity Act 2003 s.56(2) and the Electricity (Rights of Consumers) Rules 2020, delivered to the registered address, with at least 15 clear days before disconnection for non-payment.

Behavioural science explains why so many people comply at first contact:

1. Authority bias: Caller uses official-sounding terminology — “Section 56 order,” “vigilance disconnection directive.”
2. Scarcity & deadline: A two-hour window creates panic and bypasses rational verification.
3. Confirmation bias: The caller's knowledge of your CAN and last bill date confirms legitimacy in your mind.
4. Loss aversion: Fear of losing essential service (electricity in summer, remote work, medical equipment) overrides financial caution.
5. Social proof manipulation: “Sir, we have already disconnected four consumers in your sector today.”

Typical victims span a wide age range and varied digital literacy; many run a small business or work from home and have a past-dues history (even if settled), which makes them more anxious about a “missed payment” claim.

Most citizens miss this — The caller will often correctly state your *last bill amount* but inflate a fake “current outstanding.” Cross-check your DISCOM app; legitimate dues always display there first, never revealed exclusively by phone.

Bharatiya Nyaya Sanhita 2023:

• Section 318(4) — Cheating and dishonestly inducing delivery of property. Imprisonment up to 7 years + fine. Where the fraudster deceives the victim into parting with money, this is the core offence.
• Section 319(2) — Cheating by personation. The fraudster pretends to be a DISCOM employee (a real or imaginary person) to deceive the victim. Imprisonment up to 5 years, or fine, or both.
• Section 316 — Criminal breach of trust. If an insider DISCOM contractor dishonestly misuses or sells consumer databases entrusted to them.

Information Technology Act 2000 (as amended):

• Section 66C — Identity theft. Dishonestly using another person's electronic signature, password or unique identification feature. Punishment: up to 3 years + up to ₹1 lakh fine.
• Section 66D — Cheating by personation using a computer resource. Directly applicable to vishing/UPI fraud; punishment: up to 3 years + fine.
• Section 43A — Compensation for failure to protect data. Where a body corporate is negligent in maintaining reasonable security practices for sensitive personal data and that causes wrongful loss.

Electricity Act 2003:

• Section 56(2) — Disconnection for non-payment. Requires a written notice (not less than 15 clear days); a purely oral or telephonic “disconnection order” is not a valid notice.
• Section 135 — Theft of electricity. If the scammer falsely accuses the victim of illegally drawing power to coerce payment, the false accusation itself may give rise to other remedies; theft of electricity is dealt with under s.135 (s.126 deals with assessment for unauthorised use).

Consumer Protection Act 2019:

• Section 2(47) — Unfair trade practice; Section 2(11) — deficiency in service. If a DISCOM's negligent data handling enabled the scam, a consumer may approach the District Consumer Commission under Section 35 claiming compensation for deficiency in service.

For consumer grievance redressal in the electricity sector, every distribution licensee must run a Consumer Grievance Redressal Forum (CGRF) under Electricity Act 2003 s.42(5), with appeal to the State Electricity Ombudsman under s.42(6). Timelines are fixed by the relevant State Electricity Regulatory Commission's CGRF/Ombudsman regulations.

Do this immediately — Screenshot your DISCOM app home screen showing the actual dues at the time of the call. This timestamped record helps your FIR and NCRP complaint, showing no legitimate disconnection threat existed.

Within the call (if still ongoing):

1. Ask: “Please provide your employee ID, the office landline for callback, and email this disconnection notice to my registered ID.”
2. Note the exact time, caller-ID digits, and name given.
3. Do NOT share any OTP, bank CVV, UPI PIN, or download any remote-access app.

Immediately after hanging up:

1. Open the official DISCOM mobile app or website (use the URL from a printed bill, not a Google search). 2. Log in and verify “Outstanding Amount.” 3. Take a full-screen screenshot with date/time visible. 4. Check your SMS inbox for any prior written notice.

If you already transferred money:

1. Note the exact UPI transaction ID, beneficiary VPA (e.g., scammer@paytm) and timestamp.
2. Call your bank's 24×7 fraud helpline and request an immediate freeze on the beneficiary account.
3. Report to NCRP / call 1930 as soon as possible — reporting quickly improves the chance of a successful freeze.

As soon as possible:

1. File a cyber-crime FIR at the nearest police station or online via your State Cyber Cell portal.
2. Raise a ticket on https://cybercrime.gov.in (National Cyber Crime Reporting Portal) or call the 1930 helpline.
3. Lodge a formal complaint on your DISCOM's consumer portal and email its vigilance cell with the subject line “Impersonation Fraud – CAN [your number].”

Citizen tip — If your local police station resists registering an FIR (claiming “jurisdiction” or “civil dispute”), note that the Bharatiya Nagarik Suraksha Sanhita (BNSS) 2023 s.173 allows information about a cognizable offence to be recorded at *any* police station (“Zero FIR”); transferring it to the correct jurisdiction is the police's internal duty, not your burden.

FIR drafting essentials (reference the cognizable offences):

To,
The Station House Officer,
[Police Station Name],
[City, State PIN]

Subject: FIR under BNS 2023 Sections 318(4), 319(2) & IT Act 2000 Sections 66C, 66D – Impersonation & Cheating via Fake Electricity Disconnection Call

Respected Sir/Madam,

I, [Your Full Name], son/daughter/spouse of [Parent/Spouse Name], aged [XX] years, residing at [Full Address], Consumer Account Number [CAN], [DISCOM Name], hereby lodge this First Information Report for cognizable offences committed as follows:

Date & Time of Incident: [DD/MM/YYYY] at [HH:MM AM/PM]
Caller ID: [+91-XXXXXXXXXX / Spoofed Number Display]
Amount Defrauded (if paid): ₹[Amount]
UPI Transaction ID (if applicable): [Transaction ID]
Beneficiary VPA: [scammer@bank]

Sequence of Events:
1. I received a call from the above number, caller identified himself as "[Name Given]," employee ID [if given], claiming to represent [DISCOM Name].
2. Caller stated outstanding arrears of ₹[Amount] and threatened disconnection within [X] hours unless payment was made immediately via UPI.
3. Caller knew my CAN and last bill date, inducing belief of legitimacy.
4. Under pressure, I transferred ₹[Amount] to UPI ID [scammer@bank] at [timestamp].
5. Upon verification through the official DISCOM app (screenshot attached as Exhibit A), no such arrears exist. DISCOM customer care confirmed no disconnection order.

I request registration of FIR under:
  - BNS 2023 Section 318(4): Cheating and dishonestly inducing delivery of property
  - BNS 2023 Section 319(2): Cheating by personation
  - IT Act 2000 Section 66C: Identity theft
  - IT Act 2000 Section 66D: Cheating by personation using a computer resource

I also request:
  - Freezing of the beneficiary bank account linked to UPI [scammer@bank].
  - Digital forensics of the caller number and VoIP trace.
  - A DISCOM internal inquiry into any potential data breach.

Attached Documents:
  - Exhibit A: DISCOM app screenshot (dues at time of call)
  - Exhibit B: Bank statement / UPI transaction receipt
  - Exhibit C: Call log screenshot

I am willing to cooperate fully in the investigation and appear as required.

Date: [DD/MM/YYYY]
Place: [City]

[Signature]
[Your Name]
[Contact Number]
[Email ID]

National Cyber Crime Reporting Portal (NCRP) parallel complaint:

Visit https://cybercrime.gov.in → “Report Other Cyber Crime” → select “Financial Fraud” → choose the relevant fraud-call/vishing sub-category → upload the same documents. The portal generates an acknowledgment number; reference it in your FIR as “Complaint ID: [ACK Number].” You can also call the 1930 cyber-fraud helpline.

NCRP complaints are handled under the Indian Cyber Crime Coordination Centre (I4C), Ministry of Home Affairs, which coordinates with banks for account-freeze requests. Reporting within the first few hours of the fraud materially improves the chance of stopping the money.

Step 1: DISCOM internal grievance cell

Every DISCOM operates a grievance mechanism. File a complaint online via the DISCOM consumer portal or by email to its grievance/nodal officer, clearly marking the subject: “Data Breach & Fraudulent Impersonation – CAN [Number].” Note the response timelines published in your State commission's standards-of-performance / CGRF regulations.

Step 2: Consumer Grievance Redressal Forum (CGRF) and Electricity Ombudsman

If the DISCOM does not respond within the prescribed timeline, approach the Consumer Grievance Redressal Forum (CGRF) constituted under Electricity Act 2003 s.42(5), with a further appeal to the State Electricity Ombudsman under s.42(6). The applicable State commission's regulations govern the forum, fees and timelines (for example, DERC in Delhi, MERC in Maharashtra, UPERC in Uttar Pradesh).

Sample prayer:

Prayer for Relief:

1. Direct [DISCOM Name] to conduct an internal audit of consumer data security and submit a compliance report.
2. Issue a public advisory on the fake disconnection call scam via SMS/email to consumers.
3. Award compensation for mental agony and deficiency in service (inadequate data protection).
4. Direct the DISCOM to strengthen verification for phone-based consumer interactions.

The Central Electricity Authority (CEA), a statutory body under the Ministry of Power (https://cea.nic.in), and CERT-In issue cybersecurity advisories that DISCOMs are expected to follow.

Warning — Do not accept an informal “sorry” email from DISCOM customer care. Insist on a written closure report with a reference number. If the fraud involved an insider data leak, ask in writing whether disciplinary action was initiated.

Red flags (never trust the call if these appear):

1. Caller asks for an OTP, CVV, net-banking password, or UPI PIN.
2. Payment demanded via a personal UPI handle (e.g., name@paytm, number@oksbi) instead of an official bill-desk link.
3. A QR code sent via WhatsApp.
4. Pressure: “Pay now or lose electricity forever,” “police complaint filed,” “name in the defaulter list.”
5. A request to download AnyDesk, TeamViewer, or QuickSupport.

Green flags (genuine DISCOM process):

1. A written notice delivered to the registered address before disconnection (Electricity Act 2003 s.56(2)).
2. SMS from a registered 6-digit sender ID (e.g., “BSESDL,” “TPCODL”) with an official bill link.
3. Payment options that always include official channels: the DISCOM website, an official biller on a UPI app (search by official DISCOM name), or your bank's BBPS (Bharat Bill Payment System).
4. Customer-care callbacks only to the registered mobile number on record.

Verification protocol (30-second check):

1. Note the caller's claim. Do not act. 2. Open the DISCOM official app (installed earlier from the Play Store / App Store, not via a link in the call). 3. Log in → view “Current Bill” or “Outstanding Dues.” 4. If it shows zero or a different amount, hang up and report. 5. If unsure, call the DISCOM's official number from your printed bill (never the number provided by the caller).

Pro tip: Register for your DISCOM's e-bill service so you receive email/SMS alerts before the due date. Any disconnection threat *before* such an alert is a red flag.

Immediate (first few hours):

1. Bank fraud desk: Call your bank's 24×7 fraud helpline and ask for a freeze/reversal. Reporting quickly helps.
2. NCRP / 1930: The portal and helpline can route a freeze request to the beneficiary bank.

Short-term (first days):

1. Police + bank coordination: Your FIR copy + NCRP acknowledgment helps the police request the bank to freeze the account.
2. UPI app report: Some UPI apps allow you to report a suspicious transaction/VPA. Limited success, but worth attempting.

Medium-term:

1. District Consumer Commission (CPA 2019 Section 35): A complaint may be filed against the bank for deficiency in service. Filing fees and timelines depend on the claim value and forum.
2. RBI Ombudsman: If the bank refuses a reversal you are entitled to, escalate to the RBI Ombudsman (https://cms.rbi.org.in) — free and online.

Long-term (civil recovery):

1. If the fraudster is identified, a civil suit for recovery and damages may be filed, attaching the criminal case status. A civil decree helps with asset attachment.

Compensation from the DISCOM (where a data leak is established):

If an inquiry shows the data leaked from the DISCOM's systems, a consumer complaint under CPA 2019 may allege deficiency in service (failure to safeguard consumer data, read with IT Act s.43A).

Do this immediately — Preserve all evidence in more than one place: (1) phone screenshot/photo, (2) PDF export, (3) a cloud backup. Cases have failed where victims could not produce transaction proof because “the phone was formatted.”

No. Sharing your CAN for genuine purposes (e.g., a DISCOM complaint portal, a social-media grievance) does not make you liable for a subsequent fraud. However, if you shared an OTP or UPI PIN, the bank may partly deny a reversal citing contributory negligence. Liability for the fraud rests on the fraudster.

VoIP spoofing lets fraudsters mimic almost any number. A displayed caller ID is not authentication. Always verify by calling back the DISCOM's official number from your printed bill or official website. TRAI's “Do Not Disturb” (DND) registry does not stop spoofed calls.

Consumer data should be shared only on a lawful basis and with appropriate safeguards. If you suspect misuse, file a complaint with the DISCOM's grievance cell and, where a security incident is involved, note that CERT-In (https://cert-in.org.in) issues directions on incident reporting. The Digital Personal Data Protection Act 2023 will add further obligations as it is brought into force.

Recording your own conversation is generally treated as permissible, but State-specific rules vary — check with your local cyber cell. To be admissible, an electronic record/recording must be accompanied by the certificate required under the Bharatiya Sakshya Adhiniyam 2023 s.63 (which replaced s.65B of the old Evidence Act), stating the device details and hash value.

Yes. Small frauds aggregate into large rackets, and your FIR helps the police establish a pattern. Consumer-forum filing fees are modest, and reporting deters future scams and adds to the public record even when the individual loss is small.

The police will investigate the mule holder. If the mule proves he was himself deceived (e.g., offered a “part-time job” to receive funds), the facts will be assessed accordingly. Any recovered amount may come from the frozen account; recovery from the mastermind is part of the investigation.

Possibly — if a data breach or negligent security enabled the scam. Under CPA 2019, “deficiency in service” can include a failure to adopt reasonable security measures; IT Act s.43A provides for compensation where a body corporate is negligent in protecting sensitive personal data.

Yes. Report it to the Department of Telecommunications via the Sanchar Saathi portal (https://sancharsaathi.gov.in) → “Report Suspected Fraud Communication.” DoT can act against the SIM, and the police can seek the telecom provider's call detail records (CDR) during investigation.

RTI Wiki essential resources:

• RTI Assistant (drafter) — Auto-generate an RTI application to a DISCOM asking, for example: “Copy of consumer data access logs for CAN [X] for period [dates]; details of third-party data-sharing agreements; data-breach incident reports.” https://righttoinformation.wiki/tools/rti-assistant
• PIO Reply Checker — Upload the DISCOM's reply to your RTI and get an analysis of whether it answered your questions. https://righttoinformation.wiki/tools/pio-reply-checker
• Citizen Crisis Response Network — Hub for scam alerts, FIR templates and statutory timelines. https://righttoinformation.wiki/citizen-crisis-response-network
• RTI Act 2005 Complete Guide — Full text, section-wise commentary, exemptions and appeals. https://righttoinformation.wiki/rti-act-2005-complete-guide

Government portals:

• National Cyber Crime Reporting Portal: https://cybercrime.gov.in (helpline 1930)
• Sanchar Saathi (telecom fraud): https://sancharsaathi.gov.in
• CERT-In: https://cert-in.org.in
• Central Electricity Authority: https://cea.nic.in
• RBI Ombudsman (Complaint Management System): https://cms.rbi.org.in

The fake electricity disconnection call scam thrives on three pillars: partial data leaks, caller-ID spoofing and psychological urgency. Breaking any one pillar collapses the fraud. Your shield is verification — always cross-check dues on your DISCOM's official app before acting on any phone demand. Your sword is documentation — screenshot, record, timestamp and report quickly. The law stands with you: BNS 2023 criminalises cheating and impersonation, the IT Act 2000 penalises digital cheating, and the Electricity Act 2003 makes clear that a real disconnection follows a written notice, not a phone threat. When neighbours verify before they pay, the scam dies in your locality; when victims file FIRs and demand data audits, the racket gets harder to run. You are not alone; you are the network.