Use this page when a PDF, invoice, offer letter, KYC form, Aadhaar/PAN request, notice, challan, receipt, or screenshot asks you to pay, click a link, call a number, install an app, or share private details.
Use it for PDFs, screenshots, notices, invoices, KYC forms, Aadhaar/PAN requests, and fake offer-letter flows.
Use this before trusting offer letters, invoices, KYC forms, courier notices, legal threats, payment receipts, and screenshots.
A real-looking PDF is still risky if it came from a random WhatsApp, Telegram, email alias, shortened link, or copied support number. Verify through a website, branch, saved contact, app, or employer page you opened yourself.
Fake invoices and notices often mix official logos with private UPI IDs, personal bank accounts, QR codes, release fees, tax, courier charges, job fees, or refund charges.
If a document asks you to open a link, install an APK, enable macros, connect remote access, upload PAN/Aadhaar, or enter OTP/UPI PIN, stop and verify the route first.
Reviewed by the ScamScan Safety Desk for triage clarity. ScamScan cannot certify a document as safe and is not a government or bank service; use it to organize risk signals before official verification, bank support, 1930, or cybercrime.gov.in.
Verify company domain, recruiter identity, and job listing outside the document.
Check bank/app history and official merchant route before sending money.
Do not transfer money because of a PDF threat. Use official routes to verify.
Do not upload private data through links sent by unknown senders. Compare Aadhaar, PAN, selfie, card, bank, and OTP requests outside the same chat.
| Check | What to verify |
|---|---|
| Sender source | Check whether the file came from a verified domain, known contact, official app, or random chat. |
| Payment demand | Identify fee, penalty, tax, clearance, verification, refund, or release money language. |
| Contact details | Search numbers and emails independently instead of trusting the document footer. |
| File behavior | Be cautious if a document pushes APK install, macro enable, remote access, or external login. |
Do not click, approve, install, ship, refund, share OTP, enter UPI PIN, or upload documents while the other person is pressuring you.
Open the official app, website, saved contact, branch, marketplace account, or provider support path yourself instead of trusting the sender's link or number.
Keep screenshots, links, numbers, UPI IDs, account names, file names, transaction references, group links, and the exact timeline.
Contact the bank, wallet, platform, police, cyber cell, 1930, or cybercrime.gov.in route that fits the case.
Scammers often switch from verification to fee, tax, refund, courier, recovery, or threat logic. Run the case again when new facts appear.
Compare the sender email domain, company career page, recruiter identity, salary language, fee demand, and payment route outside the PDF. Do not pay laptop, training, verification, or release fees through a random account.
Yes. Scammers copy logos, GST style, signatures, seals, QR codes, and bank details. Verify the vendor, order, bank account, and payment status from the official app, website, branch, or saved contact before paying.
Pressure to pay quickly, mismatched domain or phone number, unofficial UPI or bank account, altered PDF metadata, spelling mismatch, copied seal, external login link, QR code payment, APK install request, or a threat of police, customs, court, tax, or account closure.
Do not open links from a suspicious document on your main phone or logged-in browser. First check the visible domain, scan the URL, and open official sites by typing the address yourself.
Do not upload Aadhaar, PAN, selfie, OTP, UPI PIN, card, or bank details through a link sent in chat, SMS, email, or a document. Verify through the official app, website, branch, saved contact, or provider support path you opened yourself.
Save the original file, sender profile, phone number, email, link, payment instructions, UPI ID, bank account name, QR image, screenshots, call log, transaction reference, and the full timeline.
If money was paid recently, call your bank or wallet provider quickly and use 1930. Use cybercrime.gov.in for the formal complaint trail, especially when payment proof, identity documents, or account access are involved.
No. ScamScan is not a government, police, bank, employer, marketplace, courier, or recovery service. It helps organize warning signs and evidence before you use official verification or complaint routes.