Ironically, educated frequently fall prey

1. K. Hima Reddy, Sub-Inspector at the Cyber Crimes Police Station, said youngsters and middle-aged citizens between 25 and 45 years are frequently falling prey to such scams—especially educated individuals.
2. “Software engineers, IT professionals and educated students, who are expected to know better, are actually the ones falling victim in Hyderabad and Telangana.”
3. She noted that customer-care delivery scams are currently on the rise, with fraudsters posing as businesspersons or delivery agents and calling citizens under the pretext of resolving issues. Victims are then tricked into clicking links or sharing OTPs.
4. Students and middle-aged professionals from software and finance backgrounds exploring stock markets and investment platforms are also being repeatedly targeted. Youngsters attempting to make quick money are particularly vulnerable to stock market scams. Another heavily affected group includes elderly citizens above 50 and 60 years, mostly retirees unfamiliar with smartphones and apps, who end up opening malicious links or responding to fraudulent calls.

Make hay while the sun shines, so goes the saying and when yuletide sets in, fake delivery websites pounce on festive fever. This time of the year, online shopping and travel bookings peak and scammers up their activity. Authorities warn of a sharp rise in fake delivery notifications, scam calls, malicious links and APK-based frauds during the holiday season.

Beware of delivery notifications

Cybercrime officials caution citizens to remain vigilant, as almost every notification—SMS, WhatsApp message or email—could be used as a trap. Among the growing online frauds, fake delivery notifications have emerged as one of the most common and effective tactics. With citizens expecting multiple parcels due to festive offers and discounts, fraudsters are sending convincing SMS and WhatsApp messages impersonating legitimate courier companies and delivery agents. These messages often create urgency by citing delivery failures, address errors or pending payments, prompting impulsive actions.

Officials report an 86% surge in fake delivery websites during the festive shopping rush. These sites closely resemble genuine courier or retail portals and are circulated through messages warning of delayed deliveries, suspended packages, unpaid customs fees or address verification issues. Once a victim clicks the link, scammers harvest sensitive information such as banking credentials, debit and credit card details, CVV numbers, expiry dates, OTPs, authentication tokens and personal identity data, which are later used for financial fraud and identity spoofing.

The OTP scare

Cybercrime officials report consistent cases of fake SMS and WhatsApp delivery alerts leading users to phishing websites, fake payment pages and OTP-capture platforms. Victims are told a delivery has failed and are asked to click a link to confirm the address or reschedule delivery. In some cases, users believe they are paying a small delivery charge, but the OTP entered authorises large unauthorised transactions, draining bank accounts within minutes.

Festive offers, lucky draws and fake travel deals

Scammers are also using terms such as festive offers, lucky draws and free gifts, sending WhatsApp links that demand bank details. Taking advantage of the holiday travel season, fraudsters are promoting fake bus, train and flight tickets at unusually low prices, targeting citizens planning to travel home.

Fake notifications are sent via SMS (smishing) and email (phishing), posing as companies such as Amazon, UPS, FedEx or postal services. Messages often claim immediate action is required, warning users they may lose their orders. A single click can expose addresses, login credentials and financial details or install malware on devices.

Visa frauds, QR code scams and so-called “digital arrest” scams are also being reported frequently. Online visa frauds are increasingly targeting youngsters planning to study abroad, while travel-related scams peak during festivals, with fraudsters posing as travel agents or airline brokers offering discounted flights or free hotel stays.

APK, OTP and Credit Card frauds spike

“Investigations are carried out through credit card blocks and fraudster numbers, but most scams occur through malicious links or APK apps installed by citizens themselves,” SI Hima Reddy explained. In many cases, citizens unknowingly call fraudulent customer-care numbers for offers or investment enquiries, granting scammers access to their phones and enabling instant fund transfers.

She added that APK frauds, OTP frauds and credit card frauds spike during festivals, with stolen data including contact lists, bank details, installed APK files, photos and documents.

Cybercrime officials reiterated that legitimate courier companies never ask for OTPs or payments through random links. Citizens are advised to verify sender details, avoid unknown links and APKs, enable two-factor authentication and report fraud immediately by calling 1930 or visiting cybercrime.gov.in.