Banks have intensified their efforts to alert their customers of internet frauds that have swirled in numbers and varieties amid rise in digital payments.
Bankers have stepped up their vigil on scamsters who are using sophisticated tools such as SIM swaps, juice jacking, frauds using search engines and QR code scams to dupe customers.
In SIM swaps, fraudsters call customers by posing as officials from a telecom operator requesing details for a free upgrade of the SIM card.
Existing SIM cards are deactivated and replaced by a clone SIM through which accounts can be accessed and OTPs generated to authenticate transactions.
“A mobile number has actually become an identity and anything from a banking perspective can be done if somebody takes control of SIM card and mobile numbers,” said Manish Agrawal, head credit intelligence and control, HDFC Bank.
“At a bank level we are telling customers that if your phone suddenly stops working for a considerable period of time in a regular environment immediately, the customer should inform the mobile operator and ensure no duplicate SIM has been issued.”
In juice jacking, once a mobile phone is connected to an unknown/unverified charging port, fraudsters gain access to sensitive information such as email, text messages, and saved passwords. “Most people have their financial credentials saved in a mobile phone or laptop. If connected with an unknown public wifi, data can be extracted from those devices,” said Agrawal.
In an advanced form of phishing attack, contact details on search engines are camouflaged by fraudsters and customers trying to contact the banks or insurance companies or Aadhaar service centres end up contacting unknown numbers.
QR codes have embedded account details in them for easier payments to bank accounts and wallets. Fraudsters contact customers under various pretexts and trick them into scanning QR codes using payment apps.
Several banks have started campaigning to create cybersecurity awareness. “HDFC Bank has been doing secure banking campaigns through social media, text messages, e-mails and periodic notifications to its customers,” said Agrawal.
“By highlighting through the campaign that the customer can tell when their information is under threat and respond appropriately, the bank hopes to bring them to share the critical role of protecting their information and transactions,” said Jasneet Bachal, chief marketing officer, Yes Bank.
This allows them to withdraw money from the customer's account.
“Official websites of banks/companies must be used to get the contact details,” said Agrawal.
Not just seniors
Data compiled by HDFC Bank show that around 85 per cent of customers with net banking and UPI fraud disputes between April -June 2021 were in the age group of 22-50 and supposedly more tech savvy. Around 75 per cent of the cyber frauds have happened between 7am and 7pm.