India’s fraud surge shows why 2026 must be about verification, not trust
)
digital scams hit your wallet in 2025
Listen to This Article
India’s digital payments ecosystem grew at a blistering pace in 2025. But it also opened the floodgates to a new generation of financial scams powered by automation, artificial intelligence and compromised identity data. Government figures underline the severity: Cybercrime complaints on the National Cyber Crime Reporting Portal rose to 2.27 million in 2024, up 42 per cent year-on-year, while losses hit ~228.45 billion. As 2025 ends, digital fraud has become one of the most pervasive threats to household finances.
How scams evolved this year
Data from the Ministry of Home Affairs and the Indian Cyber Crime Coordination Centre show that UPI-based fraud continued to lead in volume and value. Most incidents involved phishing links, counterfeit QR codes, remote-access apps or SIM-swap operations. The Reserve Bank of India and NPCI confirm that UPI frauds jumped 85 per cent in FY24 and maintained that trend through 2025.
“Digital arrest” scams emerged as the year’s most psychologically coercive fraud.
Scamsters impersonated police personnel or government officers over video calls, threatening victims with fabricated criminal charges. Pravin Tiwari, co-founder of SURE, an AI-powered liability management platform, says 2025 marked the moment when “fraud fundamentally shifted from conventional social-engineering tactics to AI-enabled manipulation at scale”.
He points out that voice cloning has become so sophisticated that “a few seconds of audio from social media is enough to mimic a family member or any official.
Investment and crypto frauds expanded rapidly as scammers used fake trading apps, social-media promotions and manipulated authorisations to route unauthorised transfers. According to Dipesh Karki, co-founder and chief technology officer at Vartis Platforms and LenDenClub, the story of 2025 was not only the rising number of cases but their complexity.
“Digital and banking frauds– especially UPI and account takeovers — remain the biggest threat,” he notes, adding that losses
“crossed~1 trillion annually” once account-takeover and payment-app compromises were included.
Merchant-level risks also grew
A quieter, yet increasingly systemic risk involved merchant-originated fraud, especially across Tier-II and Tier-III cities.
Reeju Datta, co-founder of Cashfree Payments, explains that attackers are now using “hyper-automated attacks where OTP-sharing bots mimic delivery alerts” or test stolen credentials through rapid micro-payments routed via merchant wallets. This leaves small businesses exposed to chargebacks and penalties.
Savita Vashist, executive director at NPST, a fintech company, notes that merchant on-boarding gaps, synthetic identities and transaction laundering pose direct threats to the integrity of the UPI network. With daily UPI volumes rising from 596 million in April 2025 to over 714 million in December, she warns that “any vulnerability at the merchant layer has a direct systemic impact”.
Who bore the brunt?
According to MHA data, senior citizens lost more than ~20 billion through impersonation and coercion-based scams. Younger users were targeted through fake job and part-time income opportunities, while rural households suffered from phishing-led UPI drains. High-value frauds above ~100,000 quadrupled to nearly ~40 billion in 2024.
Stronger safeguards and regulatory tightening
The Department of Telecommunications plans mandatory device-SIM binding and a reworked Financial Fraud Risk Indicator by April 2026. The RBI’s enhanced fraud-risk directives require banks and NBFCs to deploy AI-enabled monitoring, zero-trust architecture and compulsory reporting of high-value frauds.
AI-driven fraud detection
Karki stresses that real-time AI models will be indispensable for spotting abnormal behaviour across devices, locations and transaction values. Datta adds that behavioural analytics, liveness detection and adaptive risk scoring will determine how effectively institutions can “prevent fraud before it occurs”.
Vashist emphasises that merchant-side intelligence is equally essential to safeguard the expanding UPI ecosystem.
Consumer-led protections
For individuals, the fundamentals remain crucial:
• Enable two-factor authentication on all accounts.
• Use official apps and avoid unsolicited links or QR codes.
• Monitor account statements regularly and freeze credit reports if necessary.
• Report suspicious activity immediately via 1930 or cybercrime.gov.in.
India’s digital economy will continue to scale, but so will the sophistication of fraud. The challenge for 2026 is to move from reactive security to anticipatory defence — outthinking scammers before they strike.
aniltikotekar4sme.com 