Account Access scam guide

Phishing link scam

Phishing links impersonate banks, delivery firms, government portals, payment apps, social networks, or employers. They may use urgency, short links, fake domains, and lookalike pages.

Report this scam View all categories

Risk signal

Fake login

Severity

high

Group

Account Access

Common identifiers

Add identifiers that can be matched safely across reports, profiles, payments, and evidence without exposing unnecessary private data.

01

URL

Use the exact url shown by the scammer so CheckKaroo can link repeat signals and avoid weak matches.

02

Sender phone

Use the exact sender phone shown by the scammer so CheckKaroo can link repeat signals and avoid weak matches.

03

Email

Use the exact email shown by the scammer so CheckKaroo can link repeat signals and avoid weak matches.

04

SMS

Use the exact sms shown by the scammer so CheckKaroo can link repeat signals and avoid weak matches.

Evidence to preserve

Keep proof in original form where possible. Screenshots help, but transaction IDs, URLs, timestamps, and chat context make moderation stronger.

01

Full URL

Capture full url with date, time, sender, URL, or transaction context visible where possible.

02

Message screenshot

Capture message screenshot with date, time, sender, URL, or transaction context visible where possible.

03

Fake login page

Capture fake login page with date, time, sender, URL, or transaction context visible where possible.

04

Account alerts

Capture account alerts with date, time, sender, URL, or transaction context visible where possible.

First response

These steps reduce further loss and keep your report useful for review, banking escalation, platform reporting, and official complaints.

01

Do not submit credentials

Do this early: do not submit credentials helps reduce repeat contact, preserve proof, and keep escalation options open.

02

Report the URL

Do this early: report the url helps reduce repeat contact, preserve proof, and keep escalation options open.

03

Change passwords if entered

Do this early: change passwords if entered helps reduce repeat contact, preserve proof, and keep escalation options open.

Urgent money loss

If money was recently transferred, call 1930 first and raise a bank or payment-app dispute. Speed matters for fund-freeze attempts.

Privacy boundary

Do not upload OTPs, passwords, full card numbers, full Aadhaar, private documents, or unrelated intimate media. Use masked, relevant evidence whenever possible.

Related categories

Similar fraud patterns

SIM takeover

SIM swap fraud

Mobile number takeover used to intercept OTPs and access banking, email, or social accounts.

Unauthorized login

Account takeover

Unauthorized control of email, social, wallet, marketplace, or banking accounts.

Credential capture

OTP and credential theft

Scams that trick users into sharing OTPs, PINs, passwords, card data, or recovery codes.

Screen control

Remote access app fraud

Scammers make victims install screen-sharing or remote-control apps to steal money or data.

KYC panic

KYC update fraud

Fake bank, wallet, telecom, or account KYC warnings used to steal credentials or money.