Fraud Awareness

KYC Fraud — Why Sharing Your Documents Carelessly Is More Dangerous Than You Think

Your Aadhaar and PAN are not just identification documents. In the wrong hands, they are a complete identity theft toolkit.

By FinAxis Team
KYC Fraud — Why Sharing Your Documents Carelessly Is More Dangerous Than You Think

Every few months, a new message circulates: 'Update your KYC or your account will be blocked.' Some come as SMS. Some as WhatsApp. Some as email. Some as calls. Most are fraudulent. And the people who act on them — sharing their documents, entering details on fake websites, or sharing OTPs — often discover weeks later that their identity has been used to take a loan, open a fraudulent account, or facilitate a crime.

How KYC fraud works — the four common methods

01
Fake KYC update links A message claiming your bank, UIDAI, or telecom will block your account unless you update KYC. The link leads to a perfect replica of the official website. You enter your Aadhaar number, OTP, and bank details. The fraudster now has everything needed to access your account.
02
Physical document misuse You submit photocopies of your Aadhaar and PAN to a local shop, a money changer, or a telecom retailer — for what seems like a legitimate purpose. Someone in the chain uses the copies to open a bank account, take a loan, or get a SIM card in your name.
03
Aadhaar OTP capture A caller says they need to 'verify' your Aadhaar for a KYC update. They initiate an Aadhaar-based authentication in your name — your phone receives the OTP. You share it. Your biometric data is accessed and your Aadhaar is linked to a service you never authorised.
04
Fraudulent account opening With your PAN, Aadhaar, and a basic photo (easily sourced from social media), criminals have opened bank accounts and demat accounts used for money laundering. The account holder of record is you. The criminal is untraceable.
HERE'S A THOUGHT

A homemaker in Pune received a call from someone claiming to be from her bank's KYC team. She shared her Aadhaar number and the OTP received on her phone 'to verify her identity.' Within 20 minutes, ₹47,000 was transferred out of her account. The entire fraud took 8 minutes. Her mistake was a single OTP shared on a single call. No bank will ever call you and ask for this. It does not happen.

How to protect your documents

  • Write the purpose on photocopies — e.g., 'For Reliance account opening on DD/MM/YYYY only.' This makes the copy useless for any other purpose.
  • Use a masked Aadhaar — UIDAI allows you to generate a masked version that shows only the last 4 digits. Use this for most purposes.
  • Lock your Aadhaar biometrics — on the UIDAI website, you can lock your biometric data, requiring you to temporarily unlock for any legitimate biometric authentication.
  • Never share your Aadhaar OTP with anyone — ever. For any reason. If someone claims to need it, it is fraud.
  • Check your Aadhaar authentication history periodically at resident.uidai.gov.in to see where your Aadhaar has been used.
THE BOTTOM LINE

Your identity documents are not just paper. They are keys to your financial life. Treat them accordingly. Share thoughtfully. Write purposes on copies. Lock your biometrics. And never, under any circumstances, share an OTP that arrives unsolicited.

Have a question about your finances?

FinAxis helps individuals and businesses across India with loans, working capital, wealth & insurance.

Talk to an expert
Back to all articles