is that a scam?
United States India
EN
English हिन्दी मराठी ಕನ್ನಡ
← Back to all scams
HIGH phishing

SMS says your Aadhaar will be deactivated unless you click a link

An SMS or WhatsApp message claims your Aadhaar will be deactivated, suspended, or unlinked from your bank unless you update KYC by clicking a link or installing an APK. The link harvests personal data and the APK is malware that reads OTPs.

Also known as: Aadhaar KYC phishing, PAN-Aadhaar link scam, bank KYC suspension SMS

What to do right now

  1. 1 Do not click. Do not install any APK from an SMS or WhatsApp
  2. 2 If you want to verify KYC status, log in directly at uidai.gov.in or use your bank's official app
  3. 3 Aadhaar updates are free on the official UIDAI portal and cost a small fee at a Seva Kendra
  4. 4 If you installed a fake KYC app, uninstall it, then change your bank password and freeze your debit card
  5. 5 If you installed any 'support' or 'server' or 'refund app' or remote-access app at the scammer's request (AnyDesk, TeamViewer, Quick Support, etc.), run free SeraphSecure (https://www.seraphsecure.com) to detect and remove it.
  6. 6 Report at https://cybercrime.gov.in or call 1930 (national cyber helpline).

Was remote-access software installed?

If a scammer asked you to install AnyDesk, TeamViewer, Quick Support, or any remote-access app, your device may still be compromised.

Run SeraphSecure to detect and remove it →

Red flags

  • UIDAI never sends SMS or WhatsApp messages with links to update Aadhaar. Updates happen at uidai.gov.in or at an Aadhaar Seva Kendra
  • Banks never ask you to install an APK file to complete KYC
  • The link domain is not uidai.gov.in or your bank's official domain
  • Urgent language: 'within 24 hours' or 'account will be frozen'

Aadhaar phishing texts are sent in massive volume, often timed to coincide with real UIDAI announcements about KYC deadlines — which makes them feel plausible. UIDAI publishes the same advice on every alert: they will never SMS you a link to update Aadhaar.

If you installed a fake “bank KYC” or “Aadhaar update” APK: uninstall it immediately, then change your bank passwords (UPI PIN, mobile banking, debit card PIN) from a different device, and call your bank’s fraud line to flag your account.

Then report at cybercrime.gov.in and call 1930.

Sources