In a significant legal move against cybercriminals posing as trusted brands, the Delhi High Court (HC) recently granted urgent relief to Reliance Retail Ltd in a case involving the misuse of its beauty brand, Tira. The Court found that fraudsters were using fake identity cards, suspicious WhatsApp numbers, and misleading Unified Payment Interface (UPI) payment links to trick people with fake Tira-branded offers and schemes. The Court described this as a 'sustained and deliberate attempt' to take advantage of the public’s trust in a well-known brand.
This case raises important questions about how digital fraud is being detected—and missed—in India. It also highlights how slow tech platforms can be to act, leaving ordinary people exposed until big companies take the matter to court. In just two months, cybercriminals managed to cheat 8,919 victims out of more than Rs41 lakh across cities like Delhi, Bengaluru, Mumbai, Hyderabad, Lucknow and Jaipur. The incident is a clear reminder that cyber fraud today operates across multiple platforms—telecom networks, messaging apps and digital payment systems—often going unnoticed until the damage is already done.
A Complex Web of Fraud
As per the HC’s order, cybercriminals behind this scheme went far beyond sending a few fake messages pretending to be from Tira.
They put together a well-organised and calculated fraud that included:
• Using forged identity cards made to look like they were officially issued by Reliance Retail.
• Sending messages through multiple fake WhatsApp numbers, making it harder to trace them.
• Asking people to pay money via UPI-linked QR codes, while falsely offering Tira-branded gift cards, discount coupons, or payment confirmation links.
The fraud was carefully designed to look legitimate and to mislead unsuspecting consumers into believing they were dealing with the official brand.
The cybercriminals didn’t stop at luring new victims—they even targeted existing customers of Reliance Retail by asking them to make a second payment for orders they had already paid for. This tactic created confusion and made the requests seem genuine.
The HC noted that the use of Tira’s trademarks and logos was not accidental. It was a calculated move, deliberately designed to mislead people and make the scam appear authentic.
Judicial Relief and Platform Accountability
In this case, Reliance Retail acted swiftly. Backed by screenshots, fake ID cards, chat records and phishing links, the company moved the Delhi High Court for immediate action.
Recognising the seriousness of the scam, the court granted a detailed ex-parte ad interim injunction and issued the following directions:
• Telecom service-providers (TSPs) were ordered to block the fraudulent mobile numbers and share the subscriber details behind them.
• WhatsApp was instructed to suspend the accounts linked to those numbers and provide information about the users.
• UPI and QR code platforms, including National Payments Corporation of India (NPCI), were told to freeze the payment accounts used in the scam and disclose the details of the account-holders.
• The Court also made a key provision: any new rogue numbers, WhatsApp accounts, or payment links discovered later by Reliance Retail can be reported and blocked without needing fresh court orders each time.
The ruling sends a strong message that platforms must act promptly when alerted and that the courts will step in decisively when brand misuse and public harm are clearly established.
Importantly, the HC recognised that such impersonation attempts could seriously harm a brand’s (Reliance Retail-Tira in this case) reputation and erode the trust it has built with customers. It stressed that the large-scale deception of consumers justifies urgent legal protection of the company’s intellectual property, including its trademarks and brand identity.
Why Didn’t Platforms Act Sooner?
While the Court’s swift response is commendable, the case also reveals troubling gaps in the system. Despite numerous complaints from victims (666 complaints just from Delhi) and the sizeable amount of money lost, the mobile numbers, WhatsApp accounts and UPI links used by cybercriminals remained active. It wasn’t until Reliance Retail stepped in and approached the Court that any meaningful action was taken. This raises a serious concern—why didn’t the platforms detect and act on the scam sooner, especially when real users were being cheated in large numbers?
This brings up several troubling questions:
• Why didn’t WhatsApp, telecom service-providers (TSPs) and UPI platforms detect the fraudulent activity sooner? These platforms have access to advanced monitoring tools and large volumes of data—yet the scam continued unchecked for weeks (two months to be precise!).
• Even more surprising is the role of Reliance Jio, India’s largest telecom operator and a sister company of Reliance Retail. Despite being part of the same corporate group, Jio appears to have missed or failed to act on the signs of the fraud, including rogue numbers operating across India's telecom networks.
• How did fake identity cards, identical trademarks and bulk phishing messages escape detection? These were not subtle or isolated events—they were part of a large-scale operation designed to deceive.
• Why did action only come after consumers lost money? Instead of pre-emptively flagging suspicious activity, the platforms reacted only after financial loss had already occurred.
These questions highlight a need for stronger oversight, faster response systems and more accountability from service-providers, including TSPs, social media apps and payment services-providers.
The Court order provides strong and timely relief, but only because a major brand like Reliance Retail pushed for it. This raises a larger concern: what happens when an individual or a small business faces a similar scam? Without the legal muscle or resources to gather evidence and approach the courts, many may be left defenceless, with little chance of holding fraudsters—or the platforms enabling them—accountable. (
Read: Fraud Alert: The Ambareesh Baliga Case)
Regulatory Gaps: e-FIR Limitations
The Reliance Retail-Tira impersonation case also brings attention to a critical policy gap—the threshold for automatic fraud investigation under the current e-FIR (electronic first information report) system. At present, an e-FIR is only triggered when a cyber fraud involves losses above Rs10 lakh.
However, most digital frauds targeting the common people involve much smaller amounts—anywhere between Rs100 and Rs50,000. For many victims, especially low-income individuals and senior citizens without a regular income, or residents in rural areas, even a loss of Rs1,000 can be financially crippling. In fact, many of these victims don’t earn that much in an entire week.
As a result, the current system leaves the vast majority of online fraud cases uninvestigated and underreported, with affected individuals often left confused about where or how to seek redress. This regulatory blind spot urgently needs to be addressed to ensure that protection against cybercrime isn’t limited only to high-value cases.
Lessons from the Tira case: What You Can Do To Stay Safe
The Tira impersonation scam offers important takeaways—not just for tech platforms and regulators, but for everyday users who remain the most vulnerable. As digital fraudsters become more sophisticated, individuals need to stay alert and proactive.
Here is how you can protect yourself from brand impersonation scams:
1. Don’t trust random messages claiming to be from brands
Legitimate companies will not ask you for payments, fees for gift cards, or personal details via WhatsApp or SMS. Always confirm any offer or request through the company’s official website or verified customer care numbers.
2. Look out for spelling errors and slight logo changes
Fraudsters often use deceptive versions of brand names, such as using 'tiRa', ‘TiRa’, ‘tiRA’ or ‘TIra’ instead of 'Tira', or making minor changes to brand logos. These tricks are designed to fool users who aren’t paying close attention. Take a moment to check carefully.
3. Avoid making payments via unknown QR codes or UPI links
Never make a payment through a link or QR code sent over WhatsApp or other social media and chat apps, especially from a personal or unverified number. Remember, trusted and legitimate companies use secure payment gateways, not informal chats, for money transactions.
4. Verify identity cards and employee claims
Cybercriminals are now circulating fake ID cards with official-looking details. If someone contacts you claiming to represent a company, ask for official verification and call the brand directly using contact details from their verified website.
5. Report suspicious numbers and accounts immediately
If you receive a suspicious message or payment request, report it to:
• Cybercrime helpline: Dial 1930
In the report, include screenshots, phone numbers and payment details—these can help authorities track and shut down scams.
6. Use spam-detection and call-blocking tools
Install caller ID and spam filter apps like TrueCaller, and use reporting tools of messaging or chat apps like WhatsApp to flag suspicious contacts. These tools can reduce your exposure to scam attempts.
7. Keep a record
If you are contacted by someone claiming to represent a brand:
• Take screenshots of the conversation
• Note the phone number and UPI details
• Report the interaction to the brand’s official customer service and to cybercrime authorities
Even if you have not been defrauded, your report could help others and may become vital evidence in legal action against the scammers.
The Reliance Retail–Tira case highlights how courts can intervene quickly to protect the public and hold impersonators accountable. However, as consumer rights activists have long argued, legal remedies should not be the first line of defence—especially in an era where many scams can be automatically detected by tech platforms, telecom providers and regulators using existing algorithms and monitoring systems.
Relying on court action only after harm is done puts the burden on victims and brands, rather than preventing fraud in the first place. The focus now needs to shift towards early detection, stronger platform accountability and better regulatory coordination to stop scams before they reach consumers.
India’s digital fraud ecosystem urgently needs real-time monitoring systems, proactive takedown protocols and closer coordination among telecom operators, app platforms and regulatory bodies. Without these structural safeguards, ordinary citizens remain exposed to evolving scams and major brands may be forced to continue shouldering the responsibility of tracking and curbing digital fraud in a space that often feels like the lawless wild west. Until systemic fixes are in place, vigilance remains the best defence for all of us.
Stay Alert, Stay Safe!
