I'm posting on behalf of my family member who got scammed 4-5 months ago and we're still getting no updates or money back. Please help us with any advice or if anyone has been through something similar.

What happened:

Hacker got access to phone via OTP fraud

Multiple UPI transactions were made from Kotak Mahindra Bank account

Total amount lost: ₹1,19,286

All transactions happened on 21st and 22nd December 2024

What we've done so far:

Filed complaint on cybercrime.gov.in (Acknowledgement No: 31112240212440)

Reported to Kotak Mahindra Bank

Complaint filed under UPI Related Frauds

Transactions went to multiple platforms — Jio Payments, Amazon, NSDL, Paytm

Current situation:

No money recovered

Cyber crime portal not showing status updates

Bank has not taken any visible action

4-5 months have passed

What we need help with:

Has anyone successfully recovered money from similar UPI/OTP fraud?

Which approach worked — RBI Ombudsman, legal action, or something else?

Any lawyers or consumer forums that helped you?

any India-wide advice is welcome.

Please upvote so more people can see this and help 🙏

Hi everyone, I am a college student (urgent need of money for paying mine and my sister college fees in next 1 2 month) and my family is stuck in a very stressful banking and cyber fraud situation. I need advice from anyone who has faced a similar "layering scam" or knows about banking/RBI rules.

1. The Incident (How the Scam Happened):

• My father was lured into a trading scam by fraudsters who made him download a fake "Nomura" trading app.
• They provided buy/sell signals. To build trust, they initially allowed my father to withdraw about ₹3 Lakhs after making profit in which he withdrew the money 2 time i think one time for 1 lakhs and another time for 2 lakhs .
• Once trust was built, my dad invested more money total around 25 to 28 lakhs . When he tried to withdraw the funds later, the app showed a "1000% profit" and demanded a 10% commission fee upfront to the employ who provided the signals and then they will release the funds. That’s when we realized it was a fraud.

2. What We Have Done So Far:

• We immediately filed a complaint with the Ranchi Cyber Cell after many days of running here and there from jsr to ranchi again spending a lot of amount 11 lakhs were recovered and further they were not able to recover the money .
• We hired a lawyer (paid ₹20k fees) to give notices to all the banks through court to release the recovered money in my fathers account .
• The Good News: With the help of the court notices, we successfully got around ₹11 Lakhs credited back to my father’s bank account (Jamshedpur branch).

3. The Current Problem (Where we are stuck):

• Out-of-State Liens: The ₹3 Lakhs that my father initially withdrew (which was actually stolen money from other victims in states like West Bengal) caused other cyber cells to put a lien on our account.
• Total Account Freeze: Even though the disputed amount is only around ₹3 Lakhs, the bank has frozen the ENTIRE ₹11 Lakhs.
• Bank's Unhelpful Attitude: Our Jamshedpur branch manager is telling us to physically travel to the West Bengal cyber cell (and other states wherever the lien came from) to resolve the matter what i got to know i dont know there exact wordings but what i know surely is that branch manager and ranchi cyber cell couldnt do any thing we have to go to west bengal cyber cell from where the lien has been put and ask for some noc or documents whatever i dont know clearly.
• Random Deductions: Small amounts (₹2k - ₹3k) are randomly getting deducted from the account i think as the 3 lakh amount is not ours money so whomever it belongs to it is going to their account (my personal thought) .
• Financial Drain: I am a student. We cannot afford to keep hiring lawyers in different states or travel across the country to visit different police stations.

My Questions for the Community:

1. Is it legal for the bank to freeze the entire ₹11 Lakhs when the disputed amount from other cyber cells is only ₹3 Lakhs? Can I approach the RBI Ombudsman to unfreeze the remaining ₹8 Lakhs?
2. How can we remove the lien from out-of-state cyber cells without physically traveling there? Can this be done via email or virtual meetings by showing our own FIR?
3. Has anyone successfully navigated this exact situation? Any practical steps would be highly appreciated.
4. what are the things i should do now pls helps us we are financially and mentally drained

In August 2026, my academic records (those which are irrecoverable by any other modes), years of digital data and financial records will be permanently deleted by Google. This is not a locked account — this is the execution of my digital life.

I lost my phone on 18 August 2024, since then i have been unable to recover my 3 google accounts... but couldn't get it recovered till now.

I am a verified victim of identity theft.

Yet after two full years of desperate appeals, I am facing complete erasure because Google refuses basic human help.

1. Google’s Algorithmic Indifference & Toxic Support

Every support ticket ends in the same endless bot loop: “Visit https://accounts.google.com/signin/v2/usernamerecovery?flowName=GlifWebSignIn&flowEntry=ServiceLogin” — a tool that requires the stolen phone.

Even on Google’s public Community forums, “Product Experts” responded with sarcasm. One moderator compared my identity theft crisis to hospital triage and wrote:

“Meh… 2 hours… it’s close enough.” ("Thread Link")

This is how a trillion-dollar company treats a student fighting to save their entire future.

2. GAC Stagnation — 50+ Days of Complete Inaction

I escalated to the Ministry of Electronics & IT’s Grievance Appellate Committee (GAC) in mid-March 2026.

The law requires sensitive grievances to be resolved in 7–30 days.

Reality? The portal has shown “Under Process” for over 50 days with zero communication. (ScreenShot Attached)

The government’s own redressal mechanism is now actively enabling Google’s default.

3. DPDP Act 2023 & Nov 2025 Rules — Still Being Ignored

Google is a Data Fiduciary under the Digital Personal Data Protection Act 2023.

The DPDP Rules notified on 14 November 2025 were meant to end exactly this kind of corporate negligence.

Refusing manual recovery during an active identity-theft dispute is a clear “Data Default” — punishable by penalties up to ₹250 crore.

Six months later, nothing has moved.

I have now exhausted all administrative channels and will post the complete evidence thread on X this Tuesday (tomorrow).

Genuine Ask (Legal & Tech Community)

• Has anyone faced similar Google recovery denial after identity theft?
• Lawyers: Is a Writ of Mandamus under Article 226 the next realistic step to force GAC action or get an ex-parte stay on deletion?
• Has the Data Protection Board started taking up individual complaints under the 2025 Rules?
• I have every receipt ready and will reply to every serious comment.

I have every receipt ready and will reply to every serious comment.

This affects every Indian Gmail user if Big Tech can simply ignore Indian law while the grievance system sleeps.

Don’t let them delete a human's digital life because it’s “easier” than providing support.

​

I have a barely used smasung galaxy note tablet thatts about 8 years old model i barely used it for some reason.

Now when my current tablet has died i tried this galaxy note tablet but its missed software updates and i cant install youtube or whatsapp.

Speed and working is absolutely fine , but now how do i bring its software up to date and get youtube, whatsapp etc on it because

It just has normal chrome browsers, speed is fine, but playstore isnt showing the apps for this. Very limited apps are getting thru. Says device not compatible.

I dont wanna waste money buying another new tablet, if possible i need to make this one work..

One of my cousins was just ripped of Rs 20 lakhs. He somehow landed on one of those remote job websites and ended up transferring them a minimalistic amount through which they got his account details and withdrew every single penny from his account.

We have tried reaching out to the Cyber cell but they haven’t been taking any stern steps towards catching these fraudsters.

Just wanted to ask the fellow redditors, what can be our alternative action plans ?

Hi everyone,

I’m posting this because I’m in shock and also want to create a clear paper trail and get practical advice from people who’ve dealt with similar cases.

Summary

• Bank: Axis Bank credit card (new card, issued ~1 month ago)
• Amount lost: ₹45,000
• Merchant: Easy Trip Planners / EaseMyTrip
• Fraud type: Vishing (fake Axis Bank call) + OTP sharing + fake website
• Evidence I have: full call recording + full transcript + SMS screenshots
• Status: Complaints filed with Axis Bank, EaseMyTrip, National Cybercrime Portal, Telangana Cybercrime

How the scam happened (detailed)

On 7 May 2026, I received a call on my registered mobile number from a person who introduced himself as “Rahul Agnihotri from Axis Bank Credit Card Department, Mumbai Head Branch, Nariman Point.” He already knew my Axis credit card limit (₹48,000) and roughly when I got the card (about a month ago), which made the call sound genuine.

He started by asking if I was facing any issues using my card and then smoothly shifted to talking about increasing my credit limit (I had mentioned I wanted to buy a laptop and furniture). He said they could increase my limit by ₹45,000 (total ~₹93,000 limit). Then he mentioned that my card had a Card Protection Plan attached and that ₹3,400 would be deducted that day and every 6 months. He said I should cancel it immediately if I didn’t want those charges.

He asked me to open the Axis Bank app, showed me how to check outstanding (0) and available limit (₹48,000), and then told me to open Google Chrome and type a URL: servicehelp.online/axis. At first I typed with spaces; he specifically instructed me to write it as one word without spaces. This site loaded some “Axis”‑looking page, but I now know it was not an official Axis site.

On that website, he told me to click something like “Plan Deactivate / Apply Now” and fill in:

• Name, mobile, date of birth, email
• Then Name on card, full card number, expiry, CVV (which he called “authentication code”)

I entered all this, thinking it was for cancelling the plan and increasing the limit.

Then he said I would receive an OTP from Axis Bank, and I needed to enter it on the site to complete the process. An OTP did come. I put it on the site, but the page didn’t move forward and kept showing “Verify with Submit”. He then said maybe the OTP expired and that he needed to “edit from his side” and asked me to read the OTP out to him.

At this point I got suspicious. I explicitly asked him if this could be a fraud and whether it was safe to share OTP. He reassured me multiple times that he was from Axis Bank, that the call was recorded, that they already had my details, and that “there is no problem in sharing the OTP.” I told him I would start recording the call from my side and asked for his consent; he agreed. Then, still under the impression that this was Axis Bank, I shared the 6‑digit OTP.

Within seconds I got an SMS from Axis Bank saying:

>

I immediately questioned him. He said this was just the “spend limit hold” for the limit increase; that the bank had “held” 45K and in 24 hours my card limit would show ₹93,000, and I should not use the card for 24 hours. He said I’d get a confirmation call/IVR to press 1, etc. Only after the call ended and I calmed down did I realize this was a well‑orchestrated fraud.

What I’ve already done

I know timing matters in these cases, so I’ve spent all day doing the following:

1. 1930 (National Cybercrime Helpline)
   • Called 1930, explained the incident, and got a link to a Telangana Cybercrime chatbot.
   • Provided details there (though the bot was buggy initially).
2. Telangana Cybercrime
   • Received a callback from Telangana Cyber Crime Bureau.
   • Shared call recording, transaction screenshot, card last 4 digits, fake name (“Rahul Agnihotri”), fake URL (servicehelp.online/axis) via WhatsApp as they requested.
   • They have my details and said they will process the complaint.
3. National Cybercrime Reporting Portal (cybercrime.gov.in)
   • Filed a detailed complaint under Online Financial Fraud – card/OTP fraud.
   • Uploaded screenshots and gave a full written incident description.
   • Got an acknowledgement / complaint number.
4. Axis Bank
   • Used Axis portal “Report Fraud & Dispute” to raise fraud for the ₹45,000 Easy Trip Planners transaction (reason: cardholder has not done the transaction).
   • Emailed pno@axisbank.com (Principal Nodal Officer) with:
     • Full story
     • Cybercrime complaint ID
     • Mention of the call recording and transcript
   • Axis replied acknowledging my complaint and saying they will respond within 3 working days.
5. EaseMyTrip (Easy Trip Planners)
   • Emailed care@easemytrip.com with subject “Fraudulent Booking Using Stolen Axis Credit Card – Request Immediate Cancellation and Refund.”
   • Their system created a ticket [#EMT_1812026050817440205] and sent an automated mail telling me to use their self‑service portal.
   • I replied in the same thread clarifying this is not a normal cancellation but a cyber‑fraud booking, and requested them to:
     • Identify the booking,
     • Cancel it as fraud,
     • Refund to original payment source.
   • I plan to call their customer care and ask for booking ID, PNR, travel date, and status, and push for fraud cancellation.

Evidence I have

• Full call recording where:
  • He clearly claims to be from Axis Bank credit card department, Mumbai Nariman Point
  • He gives the fake URL servicehelp.online/axis
  • I ask him if it’s safe to share OTP and he reassures me
  • I then read out the OTP
  • Immediately I get the “Spent INR 45000 at EASY TRIP PLANNERS” SMS and he gives a fake explanation
• Full transcript of the call
• Axis SMS and transaction details
• Screenshots of Axis fraud‑dispute page and cybercrime acknowledgements

What I’m looking for from this subreddit

I know I made two big mistakes: entering card + CVV on a non‑Axis website and sharing the OTP, even after doubting it. I’m not looking for validation—only practical guidance.

What I want to know from people who’ve gone through similar cases (especially with Axis/EaseMyTrip):

1. Axis Bank side
   • Realistically, has anyone here managed to get refund / chargeback from Axis in an OTP‑shared vishing case when there was strong evidence (call recording, cybercrime complaint, etc.)?
   • How did you structure your follow‑up emails after the initial 3‑day reply?
   • Did you eventually have to go to RBI Integrated Ombudsman? If yes, what documents and wording helped?
2. EaseMyTrip / airline side
   • If the booking is for a future date and unused, how cooperative are EMT and airlines in fraud cancellation + refund to card when given cybercrime complaint + FIR?
   • Any specific email formats or escalation contacts (grievance officer etc.) that actually worked?
3. Cybercrime / FIR
   • For people in Telangana / Hyderabad, after sharing evidence via WhatsApp and filing on cybercrime.gov.in, did you get a formal FIR number?
   • Did having an FIR significantly help with bank or merchant refund?
4. Timeline and expectations
   • How long did it take (weeks/months) to get money back, if at all?
   • Any tips on what I should or should not say to Axis / EMT going forward to avoid them closing the case as “customer liability because OTP shared”?

Any detailed responses from people who have dealt with Axis Bank + card fraud + merchant like EMT, lawyers, or folks involved with cybercrime handling would really help. I’m already deep into the complaint process and just want to maximize my chances of recovering the ₹45,000 and making sure I’m doing all the right things in the right order.

Thanks in advance to anyone who reads this and shares their experience or advice.

Someone took my mum's purse, in Udaipur Rajasthan.

The purse had everything, some cash, debit card, jewellery, and some other things too.

I've marked the phone as lost (I have the email logged in my phone as well)

The phone is currently switched off, and on calling its also saying the same.

I live 3 states far, and my mom and dad are alone. What can we do? Please Help.

They are at the police station and also very stressed.

Please help if you know anything

\​

I’m currently a 3rd year BTech Cybersecurity student in India, and honestly my college still hasn’t taught much practical stuff yet. Most of what we’ve learned is theory, while I’m more interested in actually building cybersecurity skills practically.

Right now I know basic Linux usage, have used VMs, and I’m trying to build a proper roadmap for cybersecurity. My long-term goal is to move toward the offensive side of cybersecurity, especially penetration testing and eventually red teaming.

I want to learn things like:

\\\\- web security

\\\\- PortSwigger labs

\\\\- TryHackMe

\\\\- scripting

\\\\- networking

\\\\- practical pentesting concepts

I was also interested in OSINT, but I honestly couldn’t find many reliable beginner-friendly resources or a proper roadmap for learning it seriously.

Currently I feel like I’m missing strong fundamentals and structure, which is why I was considering buying a beginner bundle from Tutedude that includes:

\\\\- Linux

\\\\- Python

\\\\- Cybersecurity fundamentals

\\\\- Ethical Hacking

Mainly because I want:

\\\\- structured learning,

\\\\- roadmap clarity,

\\\\- beginner fundamentals,

\\\\- and enough knowledge to become capable of learning independently afterward and prepare for internships/placements.

The bundle is around my budget (\\\\\\\~₹1500), which is why I’m considering it.

One more thing is that I only have around 8–10 months before placement season starts, so I want to focus on the most useful and realistic path instead of wasting time jumping randomly between resources.

But I’m also a bit suspicious because whenever I search reviews, I mostly find either extremely positive posts with referral codes or deleted criticism threads. So I wanted honest opinions from people already in cybersecurity.

A few things I wanted to ask:

1. Are there better courses/platforms under ₹1500 for a beginner in my situation?

2. Is Tutedude actually useful for fundamentals or mostly marketing hype?

3. How legit/useful is their refund policy in real experience?

4. If I complete such beginner courses, what should my next learning path look like afterward?

5. Should I directly move into PortSwigger/TryHackMe after that, or focus more on networking/Linux/Python depth first?

6. Also, are there any good reliable resources/roadmaps for learning OSINT properly as a beginner?

7. Considering I only have around 8–10 months before placements, what skills/projects should I prioritize the most for internships or entry-level offensive security roles?

I’m NOT expecting a “become hacker in 2 months” course. I mainly want a strong enough base so I can learn independently without constantly feeling lost.

Would really appreciate honest advice, especially from people already working/interning in cybersecurity or offensive security.

TL;DR: 3rd year BTech Cybersecurity student wanting to start learning practical cybersecurity concepts for offensive security/pentesting. Looking for suggestions for good beginner resources/roadmaps and whether Tutedude is a good step to begin with for building fundamentals and internship preparation.

I ordered shoes from an Instagram store that turned out to be a scam. I paid ₹1480 and after waiting for 2 months with no delivery and constant back-and-forth, I finally filed a cyber crime complaint on 12th March.

The same day I informed the seller, and she immediately initiated a refund that night. However, my SBI bank account got a hold of ₹1480 due to the complaint.

Later, the scammer also received a notice from the police (since their account was flagged), and she filed a counter complaint against the refund she sent me. After that, on 14th April, another ₹1480 was put on hold in my account.

So now, a total of ₹2960 is on hold.

I visited SBI, but they said they can’t help and asked me to contact the cyber crime police station. I’m really confused because I’m the victim and I have all the proof.

I’ve also seen a lot of negative experiences here about police/banks not helping, which is making me more worried.

What should I do next?

I have 3 months of holidays and then my 3 year will be starting, which is my last year as I am doing Bca(Cyber Sec). In 3rd year companies will be coming and though most of the Bca folks get Non tech placement but I want to only go in Tech or else off campus. Please give me suggestions on what I should focus on in these 3 months and skills I should develop. Any tips will be appreciated. I am also doing a volunteer ship in Cyber police for 3 months....pleasee help meeee!!!

Same as topic

https://reddit.com/link/1t45r98/video/j2rd8nx249zg1/player

Hi everyone, need advice here
So this guy called Deepak Sharma runs a logistics company , and we consulted him for a car shift service from Pondicherry to Hyderabad and everything seemed ok until the guy asked for an advance of 14k , he sent us a bill of VRL Logistics which is a reputed company in this field , we should have guessed it then and there that this guy was a trash scammer but still trusted him and sent him the money ,and later he left the car in the same place from where he picked it up after holding on to it for 2 days and the money…? Nope he’s keeping it for the time and effort he invested, after a lot of fights with him over calls we could recover 8k and the remaining 6k he is not willing to give even after police complaint threaten.
What to do…?

Each week there are ATLEAST a few posts of about someone who has been cyber hacked,.threatened, bullied, etc.

The fact that the victims need to ask on here shows that the cybercrime complain portal online isn't all that in resolving matters.

Most victims feel helpless. And so many times they're told that they are just imagining it.

They are asked questions like " oh how did u get hacked " as if they know cybersecurity like an expert.

Can there be a group of legal experts as well as cyber sleuths working together as one unit to solve and resolve cyber problems ?

I dont know much about this, but generally iam just wondering if overall a group can be formed, i don't know what would be an adequate compensation for the work involved but it should be reasonable i guess.