Worried about UPI frauds amid festive season? NPCI shares 5 tips for secure digital payments

Diwali 2025: For individuals concerned about Unified Payments Interface (UPI) fraud or falling victim to scams while making digital transactions through their payment platforms, the National Payments Corporation of India (NPCI) has issued guidelines to secure their digital payments.

The authorities recommended that people should follow the ‘Stop, Think, Act’ principle, as stopping to think and verify before clicking on any ‘unexpected requests.’

People should be more vigilant, as scamsters are aware that many individuals may act impulsively to secure a ‘too good to be true’ deal. These fraudsters often exploit people through social engineering by leveraging technology and awareness.

5 tips to secure digital payments

1. Shop through official Apps and Websites: People should make sure that they are shopping on the authentic and official websites and applications, as fraudsters create similar websites and links, especially during the festive season sale.

These fraudsters seek to steal personal and payment details. To avoid this, people need to type the web address themselves or use the official app.

“Avoid clicking on links from promotional emails, SMS or forwarded messages. Do not download files or click on links from unknown sources, as they may contain harmful software and could gain access to your device,” according to NPCI’s official release.

2. Complete payment within platform: People should be aware of scammers who try to push them to pay on an external UPI link or ID, which is outside the shopping application or site, bypassing the safety checks.

UPI users should always complete transactions on the official checkout page after confirming the seller’s details.

3. Be careful of Free Vouchers and Cashback: People should be careful about the messages offering rewards, cashback, or festival gifts that may ask for OTPs, account details or small “fees” from the customers.

If the free vouchers and cashback are genuine, they will not require the winner to enter any sensitive information or make upfront payments. Hence, NPCI recommended that people should ‘pause and verify’ before engaging with such offers.

4. OTP requests as warning: Fraudsters now use messages that claim a payment has failed or an account is blocked, and then request one-time passwords (OTPs) to “fix” the problem.

“OTPs are meant only to confirm a transaction initiated by users,” said NPCI, highlighting that banks or payment applications never ask for these OTPs over calls or messages.

5. Don’t act under pressure: Scammers often create and use the opportunity of urgency by saying an offer will expire soon or your account will be blocked if you don’t act.

Users should always remember that ‘genuine platforms’ do not use fear or rush tactics, so people should take a moment to check before responding to any tactic.