Executive Summary

Raksha Bandhan is a time for siblings to celebrate and exchange gifts, but cybercriminals often exploit the occasion. Fraudsters know people shop online and share joyful messages, so they roll out Rakhi-themed scams – from bogus gift deals to fake delivery notices. Cloudsek sees a surge in online shopping scams on Raksha Bandhan: “Fake websites, unbelievably low prices, and attractive offers” are tactics crooks use to lure victims. Popular ploys include fraudulent SMS or email “gift offers” and fake e‑commerce sites claiming huge Rakhi discounts.

Below are common scam types seen around Raksha Bandhan:

Phishing messages (emails/SMS/WhatsApp): Scammers send messages claiming “Your Rakhi gift is on the way” or advertise amazing Rakhi sale coupons. These usually contain malicious links or forms. For example, fraudsters have posed as courier companies (like India Post) saying a Rakhi gift delivery was delayed due to an incomplete address, asking victims to click a link and pay a small “re-delivery” fee. Clicking or responding can lead to malware on your phone or theft of payment data. Always treat unsolicited Rakhi offers or delivery notices with suspicion.

Below is an example of a Raksha Bandhan-themed suspicious WhatsApp message, which may contain a malicious link capable of delivering malware to your device or stealing your payment information.

In another method, a new phishing technique is gaining traction by impersonating Raksha Bandhan Gifts from the Ecom platform, which leverages URLs containing legitimate-looking domain names followed by the "@" symbol—for example, [email protected]. At first glance, such URLs may appear to be associated with well-known e-commerce site. However, in reality, the actual destination is a phishing page created on .cyou, not the legitimate domain.

‍

‍

When a user clicks on a link like this, most browsers ignore everything before the "@" symbol (e.g.,ecom.com@) and instead navigate directly to the domain that follows it (e.g.,a malicious webpage created on.cyou). This deceptive use of the "@" symbol can easily mislead users into thinking they are visiting a trusted site, when in fact, they are being redirected to a potentially malicious website.

‍

‍

Fake shopping social media & websites: Criminals set up fake online stores selling rakhis, sweets or gifts at too-good-to-be-true prices. These clone sites often mimic real brands but have spelling errors or strange URLs. When you enter payment or card details, the money goes straight to scammers and your info is stolen. Once victims “enter their payment details… the entire payment redirects to the scammers along with the banking information”. 

A fraudulent Instagram page is promoting the sale of the iPhone 16 Pro for just ₹599 under the guise of a Raksha Bandhan special offer.

‍

Another sponsored ad uses a Raksha Bandhan sale-themed template to lure victims and redirect them to a scammer-controlled website.

‍

‍

The ad redirects users to a fraudulent website — https://rakshabandhanoffer.in.net/RakhiOff/ — which mimics a legitimate e-commerce platform but is designed to deceive and defraud visitors.

‍

False delivery/shipping alerts: Scammers pretend to be courier or e‑commerce support teams. For instance, after ordering a Rakhi, you might get a WhatsApp or SMS saying the gift needs an urgent delivery fee. You’re given a payment link or told to call a “support number”. Victims who pay are tricked into revealing bank details or unknowingly approving UPI payments. Cloudsek warns of “fake alerts for shipments” with links to pay delivery charges. The recommended safeguard is to verify any shipment notice independently – e.g. check the tracking number on the official courier site or call the real courier’s helpline from their official website.

Fraudulent Gift Card UPI/payment requests: Be wary of UPI “collect” requests or payment links tied to Rakhi greetings. Scammers may send a fake message saying “Brother sent ₹X gift, click here to receive it” or share a phony QR code for Rakhi gifts. In reality, clicking may trigger a UPI payment to the fraudster. Cloudsek have noted similar scams where viral messages claim a government gift but actually trick users into sending money via UPI. Never approve an unexpected UPI request: always double-check the payee’s name and refuse links that ask for your payment PIN or OTP. If something appears official (e.g., government, bank, or e-retailer), cross-verify by searching official sites directly rather than relying on social media links.

The threat actor appears to be targeting multiple regions by tailoring content in various languages, including Hindi, Telugu, and Tamil. They have crafted phishing campaigns offering fake ₹5,000 gift cards to lure victims.

‍

‍

When a victim clicks on any template, they are redirected to a phishing website that falsely claims to offer a gift card from the Prime Minister under the Mudra Yojana. Upon clicking the “Scratch Here” button, an intent-based UPI prompt opens apps like Paytm or PhonePe, allowing the user to directly transfer money to the scammer by simply entering a UPI code.

‍

During our deep-dive investigation, our team identified the scammer’s banking details, including their UPI ID: 34161FA82032*AA2D24E6B40@mairtel. This UPI ID is linked to a registered business named "udayrajkiranastore."

‍

Through threat hunting and OSINT efforts around "udayrajkiranastore", we discovered a Facebook profile belonging to a suspected threat actor named Shyam Saini. Interestingly, the same UPI payment code appears to have been unknowingly uploaded on his profile.

‍

The suspected threat actor behind the gift card scam campaign has been identified as Shyam Saini. Profile URL: https://www.facebook.com/shyam.saini.263528 

‍

In another threat hunting instance, our team discovered a domain impersonating Raksha Bandhan offers — https[:]//rakshabandhanofer.xyz/ — which was hosting a phishing kit named Giftcard as PM.zip.

‍

Upon extracting PM.zip, we found that it contained an entire phishing kit designed to support the gift card scam, falsely presented under the guise of the Prime Minister’s Mudra Yojana.

‍

‍

We discovered that this scam is also being circulated on the Facebook platform, where users are lured with a fake ₹1,000-2000 cashback offer under the guise of a Raksha Bandhan festival promotion.

‍

‍

‍

Impersonation/emotional scams: Rakhi is about brother-sister love, and con artists play on that emotion. Some scammers pose as siblings, cousins or even parents in distress. For example, an Indian Express report details a Mumbai woman who received an Instagram friend request from someone claiming to be her “brother” in London. He said he was sending her a Rakhi gift but needed her to pay customs and delivery fees. Over several days she paid ₹8.20 lakh in fake charges before realizing it was a scam. Other con artists may pretend to be elderly relatives or friends in trouble, asking for money urgently. Always pause and verify: call the relative through a known number (not the one the scammer gives) or ask family members directly before sending any money.

Fake support/tech scams: Scammers may impersonate customer support for e‑commerce companies. A common trick is to lure frustrated shoppers onto a WhatsApp or phone call and then request screen-sharing. One India Today story describes how fraudsters posing as “Ecommerce Support” video-called a customer on Raksha Bandhan, insisting she share her screen. They planned to push a malicious app prompt and capture her OTP to drain her bank account. Legitimate companies will never ask you to share your screen or see your PIN. If someone calls claiming to help with your Rakhi order or bank issues, hang up and contact the company yourself via official channels.

Real Rakhi Scam Stories

News reports show how these scams play out in India:

• Virtual Brother Gift Scam (Mumbai, 2022): A 22-year-old woman on Instagram was befriended by a fraudster posing as a London-based “brother” (a surgeon). He told her he was sending Rakhi gifts by courier but demanded various fees (customs, delivery, insurance) via her bank. She ended up paying ₹8.20 lakh before realizing it was a fraud.
  
  
• Fake Customer Care Scam (Chandigarh, 2020): Priya, 24, ordered a ₹150 rakhi online from Flipkart. Wanting it delivered before Rakhi, she contacted “customer service” – which turned out to be impostors. Two fraudsters posing as Flipkart and Axis Bank reps hacked her smartphone and tricked her into three payments, totaling ₹48,899.
  
  
• Courier Helpline Scam (Bengaluru, 2024): An Air Force cook named Papa Rao tracked his sister’s Rakhi parcel sent by courier (DTDC). When he called the number listed on the tracking site, he received a callback from someone claiming to be a DTDC executive. This caller sent a link for Rao to enter his name, mobile and address. Unbeknownst to him, his phone was hacked. Soon after, fraudsters emptied his SBI account – siphoning off ₹1.6 lakh in three transactions.
  
  
• Fake Support Video Call (Kanpur, 2024): A fact-checking report from India Today described a shopper who grew impatient over her delayed Rakhi gift from Flipkart. She tweeted her issue, and scammers posing as “Flipkart Support” quickly DM’d her, even calling via WhatsApp video. They urged her to share her screen, claiming it was needed to fix the delivery. Had she complied, they planned to steal her OTP and drain her account. She wisely refused and recognized the scam.
  
  

These cases illustrate the variety of Rakhi-related frauds – from cloned websites and customer support scams to heart-tugging impersonations.

How to Stay Safe

For Online Shoppers

• Use official sites/apps: Always buy from well-known platforms or verified sellers. Don’t click ads or links in random messages. Instead, go directly to a retailer’s official website or app.
  
  
• Check URLs and security: Verify the website address carefully. Look for the correct spelling and domain name, and ensure the URL begins with “https://” and shows a padlock icon. Fake sites often use similar names with minor typos. If anything looks off, close the page.
  
  
• Beware of too-good deals: If a Rakhi discount seems unbelievably large, it probably is. Scammers use “unbelievable offers” to draw victims. Remember that genuine online sales are announced through official channels (brand emails, verified social accounts), not forwarded messages from unknown people.
  
  
• Don’t click suspicious links: Whether in email, SMS, or social media, never click on unknown links promising Rakhi goodies. A good practice is to preview links before tapping them. Cloudsek advises using a link-expander tool to see the real URL behind a shortened or masked link. Check for misspellings or irregular domains.
  
  
• Prefer secure payment methods: Use payment options that offer buyer protection (like credit cards or well-known wallets). Never send money or share UPI/NetBanking credentials on a third-party link. Importantly, do not share your OTP, PIN or full card details with anyone. Banks and companies will never ask for this over a call or text.
  
  
• Track your orders through official channels: When awaiting a Rakhi parcel, track it only on the courier’s legitimate site or app. If you need help, find the courier’s contact info on their official website – not from a random Google result or message.

For Social Media Users

• Be skeptical of unknown contacts: On platforms like Facebook, Instagram or WhatsApp, don’t accept friend/follow requests from strangers claiming to be family or offering gifts. Scammers may impersonate distant relatives or siblings. Always verify new contacts – for example, call them at a known number to confirm their identity.
  
  
• Ignore “free gift” posts and contests: Beware of social posts or ads that promise Rakhi freebies if you share or tag friends. These often collect your data or trick you into scams. If a page or influencer suddenly advertises Rakhi giveaways, check if it’s a verified account. Report any suspicious posts to the platform.
  
  
• Watch out for support impostors: Legitimate companies rarely reach out unsolicited on social media. If someone contacts you claiming to be “official support” (e.g. Ecommerce/Xpressbees customer service), do not trust it. As noted above, scammers may lure you into calls or screen-sharing. Instead, raise a support ticket or use the official app’s chat.
  
  
• Protect your personal info: On social networks, avoid sharing sensitive details (like birthdates or family names) that scammers could use to personalize scams. Enable privacy settings so strangers see limited information.

For Seniors (Elderly)

• Verify any strange request: Seniors often struggle to spot scams – studies show about 45% admit they have difficulty identifying online fraud. If you receive a Rakhi-related message or call that seems odd, it’s OK to ask a younger family member for a reality check. For example, if a message says “your son sent a gift, pay ₹X,” hang up and call your son directly to ask.
  
  
• Beware of urgency and emotional pleas: Scammers often create a sense of panic (“urgent customs fee”) or pull at heartstrings (“brother’s gift is here, pay now”). Remember that no real courier or company demands money urgently over phone or chat. Genuine issues can be resolved calmly through official customer care.
  
  
• Never share OTPs or PINs: If a caller or message asks for your bank OTP or PIN to “confirm delivery” or “process payment,” do not comply. These are red flags. Keep your ATM and banking info secret from everyone.
  
  
• Set up trusted contacts: Decide on one or two family members or friends you can always call if unsure. If a Rakhi-related email or WhatsApp message confuses you, show it to someone you trust before responding.
  
  
• Use official help lines: If you suspect fraud, tell a family member or report it yourself. India’s National Cybercrime Reporting Portal (cybercrime.gov.in) and helpline number (1930) can assist with Internet scams.
  
  

General Tips for Everyone

• Enable two-factor authentication: Wherever possible (email, payment apps, social media), turn on 2FA. This adds a layer of security if your password is compromised.
  
  
• Regularly update software: Keep your phone and apps up-to-date. Updates often patch security holes that scammers exploit.
  
  
• Use secure transactions: On websites, ensure the address bar shows “https://” (the “s” is for secure). Avoid logging into banking or shopping apps on public Wi-Fi networks.
  
  
• Verify before you trust: If a Rakhi offer or message references something official (bank, government benefit, brand sale), check the news or the company’s official announcements first. For instance, frauds have circulated about free gifts or government deposits for Rakhi – always ignore such unsolicited “gifts” unless confirmed by an official source.
  
  
• Report fraud promptly: If you encounter a scam or lose money, inform your bank immediately. Then file a complaint at the National Cyber Crime Reporting Portal or call the cyber helpline at 1930. Early reporting increases the chance of blocking the fraud.
  
  
• Stay informed: Share this knowledge with family and friends, especially non‑tech-savvy members. Discuss common scams over Rakhi gatherings so everyone stays vigilant.
  
  

By keeping these precautions in mind, you can ensure your Raksha Bandhan remains joyous. Celebrate the sibling bond – but always double-check online offers or delivery requests. Stick to trusted platforms and official channels, and remember: no gift or deal is worth risking your hard‑earned money or personal data. Stay safe and enjoy a happy, scam‑free festival!

‍