cyberpeace logo white

CyberPeace Foundation is an organization working to create and uphold cyber peace and harmony throughout the globe. It continuously strives towards spreading cyber hygiene and cyber ethics.

The primary initiatives undertaken by us are:
CyberPeace Corps
Cyber Bridge
Charity Bounty

It has been found that cybercrimes and threats to women online are rising by the day, so that they are the prime targets of some sensitive crimes like revenge pornography and sextortion. For more details please visit

It has been found that cybercrimes and threats to women online are rising by the day, so that they are the prime targets of some sensitive crimes like revenge pornography and sextortion. Reasons causing this are not only economical, but also social and cultural, that prevent women from using the internet and issues like trolling that pop up when one uses it too often. With the development of a more advanced and digital age , it is of paramount importance to break this gender divide and create awareness among internet users, to help curb the threats and problems associated with the internet and its usage, and also pave a path to reap the benefits of these great technological advancements.

SUPPORT US TODAY! : Fundraising for the local community causes World Help received.

We are here to help you at any time all over the world so don’t hesitate to reach us at any moment.

Get in Touch





+91 82350 58865

Fake UPI accounts created to defraud those contributing to PM relief fund

Dec 13, 2021 | Uncategorized

Just three days after the PM’s Citizen Assistance and Relief in Emergency Situations fund was created, the Cyber Peace Foundation found fraudulent variations of the original UPI account.

As many as 68 fake Unified Payments Interface (UPI) IDs in the name of the PM CARE fund to fight coronavirus have been detected, according to cybersecurity researchers. The fake IDs are active and have been created under both banking and non-banking entities.

The creation of the Prime Ministers Citizen Assistance and Relief in Emergency Situations (PMCARES) fund was announced on March 28, with the intention of providing assistance and emergency relief funds where the public can contribute to help the government fight against the COVID-19 pandemic. The original UPI ID to make payments to the fund is pmcares@sbi.

However, barely three days after the account was created, security researchers with Cyber Peace Foundation were alerted by victims of the fraud about the existence of fake UPI accounts. These accounts appeared similar to the original PMCAREs.

Parasar Sikdar, a cybersecurity researcher with Cyber Peace Foundation who worked on tracking down the 68 accounts said, “These UPI accounts have been created by fraudsters. They are just changing the wording. The original ID is pmcares@sbi but these fraudsters have made variations of the prefix, and made it pmcare@sbi or created IDs with names like pmoindia@sbi or pmindia@sbi. Any fraudster with an intention to cheat can create such IDs easily,” says Parasar, “We are only doing this for research,” he adds.

The UPI, as its name suggests, is a payment interface system that allows peer-to-peer bank transfers using mobile applications. There are as many as 48 banks who are payment service providers (PSPs) for UPI, apart from 33 non-banking players who also provide the service.

TNM reached out to National Payments Corporation of India (NPIC), who oversees UPI service, alerting them on the 68 or more fake UPI accounts allegedly defrauding the public of funds meant for the PMCARES. NPCI acknowledged the issue and is yet to respond to queries.

The 68 fake IDs detected were under Catholic Syrian Bank, Yes Bank, State Bank of India, HDFC Bank, ICICI Bank, Airtel Payments Bank, DBS Bank, Axis Bank, Andhra Bank, Canara Bank and Central bank. Whenever fraudulent accounts are detected over UPI, the NPIC usually instructs banks to blacklist the UPI ID.

Srikanth L, from Cashless Consumer, a consumer collective focussed on digital payments tells TNM, “This is another manifestation of the classing phishing scam. Here it is possible to get the fraudsters tracked and blacklisted and this can be done at the NPIC level itself.” However, the researcher adds that to prevent further phishing over the UPI platform, the NPIC should consider framing rules for the banking and non-banking issuers of UPI IDs to not generate IDs that are suspicious.

In Google Pay, for instance, the app automatically generates the UPI ID for the suffixes @okaxis

@okhdfcbank, @okicici, @oksbi with the email ID of the person as the prefix. “So when someone uses an email ID with ‘pmcare’ and creates a UPI ID, the app automatically generates a UPI ID that would have the prefix of ‘pmcare.’ The changes have to be made at the algorithm level. The NPIC has to form rules and implement them across the issuers,” he adds.