How do real Swiggy and Zomato refunds actually work?

Automatically, and with no action from you. When a refund is approved — for a cancelled order, a missing item, or a quality complaint raised through the app — the money is returned to your original payment method or credited to the app's own wallet. You do not approve anything, enter any PIN, share any OTP, scan any QR code, or 'confirm' anything to a caller. The refund simply appears, usually with an in-app notification and a timeline shown in the order's help section. Anything that requires you to act in a payment app before a refund can 'be processed' is taking money from you, not returning it.

I searched for the Swiggy / Zomato customer care number and called it. Was that risky?

Yes — this is one of the most effective scam funnels in India right now. Scammers plant fake 'customer care' numbers in search results, free-listing sites, social media replies, and even map listings, so the victim dials the fraudster directly and arrives pre-convinced they are talking to the company. The 'agent' then walks the caller through a refund that is actually a UPI collect request, a QR-code payment, or a screen-sharing app install. The safe path: both Swiggy and Zomato handle support through the Help section inside their own apps against the specific order. Treat any food-delivery helpline number found through a web search as unverified, and never make payments or share OTPs on a call you originated from a searched number.

How does the QR code refund trick work?

The caller says your refund is ready and sends a QR code by WhatsApp — 'scan this and enter your UPI PIN to receive ₹240'. The mechanics are the exact opposite of what they describe: in UPI, scanning a QR code and entering your PIN is how you PAY someone. Receiving money requires no scan and no PIN. Some versions add a believability touch by asking you to 'enter the refund amount yourself' — you type 240, enter your PIN, and send ₹240 to the scammer. Higher-value versions get the victim to repeat the process for 'failed' transactions, draining the account in increments. The rule that defeats it: a QR scan plus a PIN always means money leaving your account.

I approved a 'refund' request and money was debited. What should I do?

Move fast. Call 1930 — the national cyber-financial-fraud helpline — within the first hour if you can, and file a complaint at cybercrime.gov.in with the transaction reference from your UPI app. Report the transaction as fraud inside your UPI app as well (PhonePe, Google Pay, and Paytm all have a report-fraud flow), which alerts the receiving payment service provider. If you installed any screen-sharing app like AnyDesk during the call, uninstall it immediately and change your UPI PIN. Then report the fake support number or caller inside the Swiggy or Zomato app against the order, so the platform can act on the impersonation — and keep screenshots of the call log, chat, and transaction for the complaint.

Swiggy / Zomato Refund Scam in India 2026: Fake Refund Calls and Planted Helpline Numbers

Published: 10 June 2026 • 8 min read • By ScanTotal Security Team

Last reviewed: 10 June 2026 by Kumari Rajapaksha — Founder, ScanTotal

Your biryani arrives and it’s the wrong order — or it doesn’t arrive at all. Annoyed, you do what everyone does: you Google “Swiggy customer care number”, dial the first result, and a helpful agent picks up on the second ring. He apologises, confirms your order details, and offers an instant refund. He just needs you to approve the request in your UPI app — or scan a QR code he’s sending on WhatsApp, or install a small “refund verification” app. Ten minutes later your refund of ₹380 has become a debit of ₹38,000.

The food-delivery refund scam is built on two quiet truths: refund problems are genuinely common with food delivery (which makes the premise believable), and almost nobody knows how Swiggy and Zomato support actually works (which makes the fake helpline plausible). Unlike most phone scams, this one frequently starts with the victim making the call — which is precisely what makes it so effective. This guide covers the three variants, how real refunds actually behave, and the three signals that end the call early.

How real Swiggy and Zomato refunds work

Boringly, and automatically. When you raise an issue through the app — missing item, wrong order, quality complaint, cancelled delivery — and a refund is approved, the money goes back to your original payment method or into the app’s wallet. The order’s Help section shows the status and a timeline. That’s the entire experience. Note everything that is absent from it:

No phone call is required, and neither company asks you to call a number to “claim” a refund.
You never approve anything in your UPI app. A refund is not a request you accept — it just arrives.
No OTP, no UPI PIN, no QR code, no “refund verification” app. Ever.

Hold that picture in mind, because every scam variant below works by adding steps to a process that has none.

Variant 1 — the planted customer-care number

The defining variant of this scam category. Scammers seed fake “Swiggy customer care” and “Zomato helpline” numbers everywhere a frustrated customer might look: search results, free business-listing sites, social-media replies to complaint posts, and sometimes edited map listings. The victim dials the number themselves — which neutralises the single best scam defence (“be suspicious of unsolicited calls”), because this call isn’t unsolicited. The victim arrives angry at the company and grateful to the “agent”.

You: My order never arrived. I want a refund. "Agent": Sorry for the inconvenience sir. I am initiating your refund of Rs.380 right now. You will receive a request in your PhonePe — please approve it and enter your UPI PIN to receive the amount instantly.

What arrives is a UPI collect request — the same mechanism dissected in our PhonePe collect-request guide. Approving it with your PIN sends ₹380 rather than receiving it. The agent then reports the transfer “failed” and asks you to try again, often with a larger “consolidated refund” amount. Each retry is another outgoing payment.

The real support path for both platforms is the Help / Support section inside the app, attached to the specific order. That chat is the channel through which refunds genuinely get raised and resolved. A helpline number found through a web search has no such guarantee behind it — treat every one of them as unverified.

Variant 2 — the QR code “refund”

The agent sends a QR code on WhatsApp: “Scan this and enter your PIN to receive your refund.” Sometimes there’s a refinement — “enter the refund amount yourself, sir, for verification” — which feels like a security step and is actually you typing the amount you’re about to lose.

The mechanics are the exact inverse of the script. In UPI, scanning a QR and entering your PIN is how you pay someone. It is the same action you perform at a kirana store checkout. Receiving money involves no scan and no PIN — the Reserve Bank of India’s consumer-awareness booklet BE(A)WARE spells this out as one of the canonical digital-payment fraud patterns. If a “refund” requires you to do what you do when buying vegetables, it’s a payment.

Variant 3 — the screen-share escalation

When a victim hesitates, the script escalates: “Sir, I will process it manually from my side — please install AnyDesk so I can verify your refund status.” Screen-sharing apps like AnyDesk and TeamViewer are legitimate IT tools, but in this context the “agent” is watching your screen as you open your bank or UPI app — capturing balances, registered numbers, and in the worst case your PIN as you type it. This is the same escalation used in the IRCTC refund scam and the KYC update scam, and it turns a ₹400 dispute into a drained account.

No food-delivery refund has ever required a screen-sharing app. The instant a support call asks you to install AnyDesk, TeamViewer, RustDesk, or any “verification app”, the call is fraudulent. Hang up — mid-sentence is fine.

The three signals that catch every variant

1Refunds arrive on their own — any required action is the scam

A real refund needs nothing from you: no approval, no PIN, no OTP, no QR scan, no app install, no “amount verification”. The moment a refund acquires steps you must perform in a payment app, you are not receiving money — you are sending it. This single rule defeats all three variants.

2Support lives inside the app, not inside a search result

Raise every order problem through the app’s own Help section against the specific order. Never act on a helpline number found through a web search, a social-media reply, or a forwarded WhatsApp message — planted numbers are this scam’s primary distribution channel. If you’ve already dialled one, the safe move is simple: make no payments and share no codes on any call you found through search.

3QR scan + UPI PIN = money leaving your account

Always. The scan-and-PIN gesture is UPI’s payment action — the same one you use at a shop counter. No legitimate process anywhere uses it to deliver money to you. Teach this one sentence to everyone in your house who uses UPI.

If money has already left

Call 1930 within the first hour if possible — the national cyber-financial-fraud helpline can sometimes freeze the receiving account before funds move on. Have the transaction reference from your UPI app ready.
File at cybercrime.gov.in with screenshots of the call log, WhatsApp chat, QR code, and debit entries.
Report the fraud inside your UPI app — PhonePe, Google Pay, and Paytm each have a report-fraud flow that alerts the receiving payment provider directly.
Uninstall any screen-sharing app installed during the call, then change your UPI PIN from a clean device.
Report the impersonation in the Swiggy / Zomato app against the order, and report the planted number where you found it (search engines and map services both accept listing-fraud reports).
Watch the account for a week. Successful victims get called again — often by the “cyber cell” offering to recover the money for a fee. That call is round two of the same scam.

The respectful reality about Swiggy and Zomato

Neither platform is the villain of this story. Swiggy and Zomato process millions of orders a day, their in-app refund flows genuinely work, and both publish guidance telling customers to use in-app support and to ignore numbers circulating outside their apps. They are impersonated for the same reason banks and courier companies are impersonated: the brand is on millions of phones, and a small percentage of any day’s orders will have a problem — which means at any given moment, a large absolute number of people are looking for someone to fix their dinner.

The scam lives entirely in the space between the app and the search bar. Stay inside the app — raise the issue there, take the refund there, escalate there — and the planted-number funnel never touches you. And if anyone, on any call, ever offers to refund you through a QR code, a collect request, or your own UPI PIN, you now know exactly which direction the money would travel.

Got a “refund link” on WhatsApp or SMS?

Paste it into ScanTotal first — we’ll tell you whether the domain is the real platform or an impersonation.

Open URL Scanner