Fraudsters are getting smarter and using various methods to wipe out money from the accounts of the users of the Digital Payments Apps, to leave them truly 'cashless'.
As more and more people are going digital and increasingly using their smartphones to make/receive payments conveniently, fraudsters are also getting smarter and using various methods to wipe out money from the accounts of the users of the Digital Payments Apps, to leave them truly ‘cashless’.
Depending on awareness level of their would be victims regarding safety aspects of various digital payment options, fraudsters use different ploys to convince them either to reveal sensitive details or do something that would allow them access to take away hard-earned money of the victims from their bank accounts and/or digital wallets.
Here are some of the incidents and how to avoid the occurrence of such frauds:
Case 1: Using card details and Apps
Last year, pretending to be the manager of the branch of a PSU bank, in which the wife of a government employee had an account, a fraudster made her reveal details of her apparently non-functional debit card and also OTPs to make online purchases using the money in the account. The bank expressed its inability to do anything when she called the customer care for help.
Subsequently, she called up the merchants, through which payments of online purchases were channelised. While two of the merchants expressed their inability to help, a person claiming to be from the third merchant, said he would reverse the transactions and help her get back the money, but in another account, and made her reveal details of her husband’s debit card. She also installed a remote access App in her husband’s mobile (which he doesn’t carry due to office restrictions) after instructed to do so. Money started going out from the account after she allowed access of the App to the fraudster. After returning from office, her husband called the customer care of the leading PSU bank also deleted the remote access App from his mobile. As the outflow of money didn’t stop despite the complaint, he went to a nearby ATM and withdrew whatever money was left in the account.
Next day, another person, claiming to be a senior official of the same organisation, called them and expressed his inability to get the amount deposited directly into the account and convinced them to install a payment App to let him deposit the money through UPI and and asked them to link another bank account with it. Desperate to get the money back, he downloaded the UPI App, linked his salary account with it and punched in a code given by the fraudster, resulting into outflow of money through UPI transactions. He immediately called up the customer care of the leading private bank and was able to get his account frozen. Even after freezing the account, unauthorised requests of UPI transactions amounting to nearly Rs 2 lakh were still showing pending, which were subsequently turned down after he informed the bank to do so.
When they visited the nearest police station, they had been scolded for revealing debit card information and despite taking all the details in writing, police refused to lodge an FIR. Police only asked them not to use any digital payment Apps on mobile as they are unsafe. A copy of the details of the incidents was also submitted to the Cyber Crime Branch with no result despite providing the call details.
Precaution: Never share your card details, OTP and never install any App if asked by a stranger.
Case 2: By sharing details
Wanting to help a person to book place for last rites of a deceased relative, a lady searched contact numbers of Gurudwara and after calling the number that she got online, a person, in response, said booking could be done only online and if she got a particular Digital Payment App installed in her mobile, she may do the booking right then. As the App was already installed in her mobile, the person sent her a link apparently of a shared document to be filled online and asked her to pay just Rs 5 as advance. After she submitted the form, the person kept her engaged on phone saying processing the document taking time and taken out Rs 1 lakh from her account in four installments without even asking for bank/card details, CVV or OTP.
On approaching Cyber Cell, the police personnel there said that her phone would have been cloned and the fraudster used her payment App to transfer the money. The police blocked the accounts in which the money was transferred, but half of the money was already withdrawn by then.
Precaution: Never click on any document from an unknown sender, how much convincing it may look.
Case 3: By sending payment request
While shifting her house a lady wanted to sell some of her articles and placed them on an online market place for so. She got a call from a seemingly interested buyer, who wanted to pay through a payment wallet. As she didn’t have the App on her mobile, she requested one of her friends to receive the amount. The caller asked her friend to click on the payment request to receive the amount. When clicked, instead of receiving the amount, the money was debited from her friend’s account. After a close look, it was discovered that the fraudster had sent a request to receive the money and not to pay it.
Precaution: Never click on any link without verifying it.
Case 4: On the pretext of updating KYC
Savvy of using a payment wallet, a lady got a message, apparently from the digital wallet giant, to get her KYC updated, after she failed to pay a shopkeeper though the wallet. Later, she got a call informing that her KYC is updated only up to 60 per cent and need to be updated fully. The caller said that she needn’t reveal any KYC details and may fill it herself, but for so, she need to download a remote access App.
After she downloaded the App and allowed him access, he insisted her to set a payment limit, for which her debit card details are needed, which she needn’t tell him, but to enter in her mobile. Convinced again that she needn’t reveal her bank details, she entered the details in her mobile and immediately Re 1 was deducted from her bank account. She thought it was part of account verifying process but subsequently more amounts start getting deducted.
Meanwhile, the fraudster kept her engaged on the phone saying that the amounts will be credited back, but continued to withdraw money. She even got a call, claiming to be from her bank, and the caller asked her if she is doing the transactions herself. Informing that she is not doing the transactions, she asked the caller to freeze her account immediately.
However, the debit transactions continued till the account became empty. The fraudster again convinced her to enter the details of another debit card leading to debit transactions from another account as well. It was stopped after her husband arrived soon and deleted the remote access App.
Precaution: Never install any App if asked by a stranger. For KYC purpose, visit nearby centre to get it done. Don’t rely only on calls from banks, but call the customer care centre to get your account frozen.