New Delhi | January 11, 2026: As the use of the Unified Payments Interface (UPI) continues to expand across India, cybercriminals have begun exploiting user behaviour through a new fraud pattern in which even a small, unexpected credit to a bank account can become the starting point of a scam. Cyber agencies have issued alerts about the emerging trend, warning users against acting hastily after receiving unexplained deposits.
The method, referred to as the “Jumped Deposit Scam”, involves fraudsters first transferring a small amount of money into a victim’s account and then manipulating the user into authorising a much larger outgoing payment. Officials say the scam does not rely on technical breaches of the UPI system but instead exploits momentary confusion and routine user habits.
According to cyber officials, the pattern has been observed across multiple regions and is not limited to any specific age group or demographic. Its effectiveness lies in the speed and familiarity of UPI transactions, which often leads users to act without closely reading on-screen prompts.
Certified Cyber Crime Investigator Course Launched by Centre for Police Technology
How the trap is set
In the Jumped Deposit Scam, fraudsters begin by sending a small amount—typically ₹10, ₹20 or ₹50—via UPI into a target’s bank account. The unexpected credit usually prompts the recipient to open their banking or UPI app to check the balance or identify the sender.
While the user is active on the app, the fraudster sends a deceptive or misleading “collect” request, usually for a much larger amount. Because the user’s attention is focused on the sudden credit, the request may be mistaken for a balance-related prompt or a step to return the deposited amount. If the user enters the UPI PIN without carefully reviewing the transaction details, the larger sum is immediately transferred to the fraudster.
Cyber officials have clarified that no hacking or unauthorised access to bank systems is involved. “The fraud takes place only when the user approves a payment by entering the PIN,” officials said, stressing that merely receiving money does not make an account vulnerable.
Why users fall for it
Experts say the simplicity and speed of UPI payments can work against users in such scenarios. Many users are accustomed to entering their PIN quickly and may not clearly distinguish between different actions within the app—such as checking balances, receiving funds or authorising payments.
Research-based cyber policy body Future Crime Research Foundation notes that such scams thrive on “cognitive overload”. A sudden credit disrupts the user’s routine, leading to hurried decisions and missed warnings on transaction screens. Fraudsters capitalise on this brief lapse in attention to push fake payment requests.
Expert perspective
Former IPS officer and noted cybercrime expert Prof. Triveni Singh said such frauds are psychological rather than technical in nature.
“Most users do not fully grasp that entering a UPI PIN always means approving a payment, not checking information,” he said. “Fraudsters exploit this misunderstanding to extract larger amounts within seconds.”
He added that the trust users place in familiar payment apps often lowers their guard during unexpected events like sudden deposits.
What agencies are advising
Cyber agencies have urged users to remain calm if money appears in their account from an unknown source and to avoid taking immediate action. Users are advised to read transaction prompts carefully before entering their PIN, paying close attention to the amount and recipient name displayed on the screen.
If a caller or message requests the return of money, officials recommend contacting the bank or the official customer support of the UPI app directly, rather than following instructions from unknown individuals. Seeking guidance through official banking channels is considered safer in disputed cases.
If an unexplained credit appears
Authorities advise users not to respond to any follow-up payment requests linked to unknown deposits. Instead, the transaction should be reported through official banking channels. In many cases, banks can guide users on secure reversal procedures that do not require authorising outgoing payments.
Cyber experts also warn against sharing screenshots, one-time passwords or PINs. Fraudsters, they note, often attempt to create urgency by invoking deadlines or legal threats.
If fraud occurs
If a user suspects that they have mistakenly approved a fraudulent transaction, immediate action is critical. Victims are advised to contact their bank or UPI service provider at once to request a freeze on further transactions. Complaints should also be registered with the national cybercrime helpline at 1930 or through the official reporting portal.
Officials say prompt reporting significantly improves the chances of freezing or tracing the transferred funds.
