top of page
Search

You Have Won ₹25,000!” — But You’re About to Lose More


Introduction

In today’s fast-moving digital world, phishing scams are not just rising — they’re evolving. Every day, thousands of people receive messages like:


"Congratulations! You’ve won ₹25,000. Click the link to claim."


Or worse:


"Your bank KYC is expiring. Update now or your account will be blocked."

They look urgent. They feel real. But they’re designed to steal — your money, your identity, your peace of mind.


What is Phishing?


Phishing is a type of cyber fraud where attackers pretend to be trustworthy sources — like banks, e-commerce websites, government agencies — and trick you into:

  • Clicking fake links

  • Entering sensitive information (like passwords, card details, Aadhaar, etc.)

  • Downloading malicious files

These can come via email, SMS, WhatsApp, Telegram, even social media DMs.


Real Case:

Rohan, a 19-year-old college student in Delhi, received an SMS saying:“SBI Alert: Your ATM will be blocked in 24 hours. Click to verify.”

He clicked. The site looked exactly like SBI’s real website. He entered his card number, expiry, CVV, and OTP.

Within 3 minutes, ₹35,000 was gone.


How Phishing Scams Trick You

  • Use official logos, fonts, and layouts to look real

  • Create a false sense of urgency (“last chance,” “account locked,” “offer expires in 1 hour”)

  • Include fake payment proof screenshots to build trust

  • Send shortened links (bit.ly or tinyurl) to hide destination URLs


How to Stay Safe

  • Always check the sender’s email address or phone number

  • Never click on unknown links – go to the official site manually

  • Banks and government portals never ask for OTP or passwords via SMS

  • Turn on two-factor authentication (2FA) on all accounts

  • Use tools like Google’s Phishing Quiz to stay sharp

  • Report phishing attempts to cybercrime.gov.in


Bonus Resource:

Watch this 2-minute video breakdown by SITLCS on job-related scams — a similar style of social engineering fraud:


Conclusion


Phishing is no longer just a cybercrime — it’s psychological manipulation. They don’t just trick your device, they trick your trust.


Remember, when in doubt, don’t click. If it feels too urgent, too rewarding, or too threatening — pause, verify, and protect.


Slogan for Day 1 (Phishing Awareness):


“If It Feels Urgent and Rewards You Too Much — It’s a Phish!”


 
 
 

Comments

bottom of page