Over the past five years, India’s rapid embrace of cashless digital payments has unlocked unprecedented convenience for millions of consumers — but it has also opened the door to a soaring wave of cyber-enabled financial fraud that has drained billions of dollars from ordinary accounts. The scale of the crisis became stark in new data showing nearly 2.5 million Indian citizens lost a combined $25 billion to digital scams in 2025 alone, marking a staggering 4,300% increase in total losses since 2021. This explosive growth has forced India’s central banking regulator, the Reserve Bank of India (RBI), to intervene with a slate of proposed policy changes aimed at curbing the harm, though industry experts warn the new measures face major implementation hurdles and may deliver only limited impact. The human cost of the crisis is illustrated by the experience of Alok, a business analyst based in Pune whose identity has been protected by changing his name. In February, he received an urgent text message claiming he owed a 1,000 rupee ($10.75) speeding fine, warning that his driving license would be suspended if he did not pay immediately. Pressured to act quickly, Alok clicked a linked payment portal and entered a one-time password (OTP) to complete what he thought was the small transaction. Within minutes, his credit card had been charged the full maximum limit of $3,225. Alok had fallen victim to one of India’s most common social engineering scams, where fraudsters use psychological manipulation — stoking fear and urgency — to trick users into revealing sensitive authentication details that allow scammers to drain their accounts. These fake messages mimic official government or bank communications, directing unsuspecting victims to convincing phishing websites that harvest their credentials. As digital payment adoption has accelerated far faster than public digital literacy and regulatory safeguards, this type of fraud has evolved into a national crisis. In response, the RBI released a public discussion paper earlier this month outlining a series of potential reforms to crack down on illegal activity. The most notable proposals include mandating a one-hour processing delay for account-to-account money transfers, requiring additional authentication from a pre-approved trusted person for high-value payments made by vulnerable groups such as senior citizens, imposing stricter limits and ongoing reviews for large credits to new customer accounts to flag potential money mule accounts used to launder fraudulent funds, and giving consumers the ability to toggle digital payment services on or off and set custom transaction limits, similar to the controls already available for physical credit and debit cards. While experts broadly praise the RBI’s proactive, consultative approach to addressing the crisis, many question the effectiveness and practicality of the proposed policies. Rajesh Bansal, former CEO of the RBI Innovation Hub, told the BBC that while a payment processing delay could block the type of OTP scam that targeted Alok, these simpler scams now make up only a tiny fraction of total fraudulent activity in India. “These scams were the dominant variety three or four years ago, but frauds have now moved to another level, and are far more sophisticated,” Bansal explained. Wriju Ray, a senior leader at leading regulatory technology firm IDfy, notes that implementing a system-wide payment delay would also be logistically extremely challenging. India’s digital payment ecosystem is built around the core principle of instant transaction processing, so adding delays would require a complete overhaul of existing network architecture, from transaction queuing systems to transaction cancellation protocols. The RBI itself acknowledges this challenge, admitting in the discussion paper that the change would require significant cost and effort across the entire industry, and would contradict the core design of India’s real-time payment infrastructure. Bansal compares the change to “building an expressway and adding speed breakers every few kilometres” — creating unnecessary friction for legitimate users that will do little to stop determined scammers. Ray adds that fraudsters are already likely to adapt to the change, for example by instructing victims to complete transactions an hour in advance to avoid triggering any fraud alerts. Other proposals also raise practical questions, experts say. While extra authentication for elderly users is a well-intentioned idea, it is unclear how the rule would work in practice: what if the trusted person is traveling abroad? And if the trusted person approves a transaction that still turns out to be fraudulent, who bears legal responsibility for the loss? The plan to strengthen detection of money mule accounts through stricter checks and credit limits may be effective, but it would also impose heavy new compliance costs on financial institutions — costs that would ultimately be passed on to ordinary consumers, Ray argues. Bansal adds that the RBI already has a fully developed mule detection platform called Mulehunter.AI, which was created during his tenure as CEO and is designed to provide real-time intelligence on high-risk beneficiary accounts. The platform has yet to be rolled out for widespread real-time use across India’s banking system, and Bansal is calling for its immediate, expedited implementation as a more effective immediate solution. Beyond regulatory changes, experts agree that policy intervention is only one piece of the puzzle. Closing the gap between rapid digital adoption and public digital literacy is a critical, long-overdue priority. India’s population has moved to digital payments at a breakneck pace that outstripped the growth of consumer education and fraud awareness safeguards. While the RBI has launched public awareness campaigns, recruiting high-profile celebrities such as Amitabh Bachchan and running ads during widely viewed Indian Premier League cricket matches, experts say far more investment is needed to bring digital literacy to all segments of the population, particularly vulnerable groups like the elderly that are most often targeted by scammers. Experts also add that the RBI needs to deepen cross-agency collaboration with police forces, relevant government ministries, the securities and markets regulator, and other stakeholders to tackle the root of the fraud crisis, as fragmented responsibility across agencies has slowed effective action to date. Despite the concerns about the specific proposals, experts do welcome the RBI’s new open, consultative approach to addressing the problem — a marked shift from the bank’s past practice of issuing top-down decrees without public input. Ray notes that the ongoing public discussion of the crisis is itself a positive step that will ultimately lead to more effective, widely accepted regulation over time.
Indians lost $25bn to digital fraud in 2025 – now its central bank is fighting back
