Details of Online frauds. how to Enjoy Safe Banking
Fraud Scenarios : -
Forged Phone Calls
Forged phone call is one such attempt where fraudsters possess as your relative / friend and ask you transfer the funds on immediate basis in their bank account/wallet.
How do fraudsters operate?
- Fraudster collects information about you from social networking sites like Facebook, Linkedin, twitter etc.
- Fraudster calls customer and poses as a relative or friend and talk to you about few scenarios which recently happened with you so that they can trick you in thinking that you actually know them.
- Once they get confidence that you are in trap, they ask you to transfer some money (usually small amount ranging between INR 500 to 5000) in their bank account or wallet account citing medical reasons.
- Once customer transfer the amount fraudster further transfer that money to their some other account so that transaction cannot be reversed.
How to protect yourself from fraud:
- Never share personal details on social networking sites.
- Never transfer the funds without confirming the identity of the recipient as the money once transferred cannot be reversed.
- Report all such incidents immediately on the Phone Banking number 400 or report it on govt. Regulatory/authorities .
Phishing
Phishing is a type of fraud that involves stealing personal information such as Customer ID, mPIN, Credit/Debit Card number, Card expiry date, CVV number, etc. through emails that appear to be from a legitimate source, like Airtel Payments Bank.
How do fraudsters operate?
- Fraudsters send fake emails to customers which appears legitimate, asking them to urgently verify or update their account information by clicking on a link in the email.
- Clicking on the link directs the customer to a fake website that looks like the official Bank website – with a web form to fill in his/her personal information.
- Information so acquired is then used to conduct fraudulent transactions on the customer’s account.
How to protect yourself from fraud:
- Always check the web address carefully. Most Netbanking address is starts with https, check before transacting online.
- For logging in, always type the website address in your web browser address bar.
- Install the anti-virus, antispyware, firewall and security patches on your computer and mobile phones and keep updating them regularly.
- DO NOT click on any suspicious link in your email.
- DO NOT provide any confidential information via email, even if the request seems to be from authorities like Income Tax Department, Visa or MasterCard etc.
- DO NOT open unexpected email attachments or instant message download links
- DO NOT access NetBanking or make payments using your Credit/Debit Card from computers in public places like cyber cafés or even from unprotected mobile phones.
How to identify fake Phishing website / Mails?
- Always check for the salutations in the mail, phishing mails are normally targeted to large audience so they put generic salutation like below, genuine mail always comes with your name.
- Dear Sir / Madam
- Dear Customer
- Check the domain or email ID from where mail has come, generally fraudster try to build look alike email ID with some spelling changes like below:
- Instead of airtel fraudster may use airlel or artel etc.
- Such mails comes with some kind of urgency and they threat you for some consequence if you ignore the mail.
- When you click on URL it will redirect you to some website which will look alike the bank site but if you check the URL address then it would be different from bank site address.
- Most fake web addresses start with ‘http://’. Legitimate site will always start with HTTPS, the ‘s’ at the end of ‘https://’ stands for ‘secure’ - meaning the page is secured with an encryption.
- Check the Padlock symbol. This depicts the existence of a security certificate, also called the digital certificate for that website.
- Establish the authenticity of the website by verifying its digital certificate. To do so, go to File > Properties > Certificates or double click on the Padlock symbol at the upper right or bottom corner of your browser window.
Vishing
Vishing is one such attempt where fraudsters try to seek your personal information like Customer ID, Net Banking password, ATM PIN, OTP, Card expiry date, CVV etc. through a phone call
How do fraudsters operate?
- The fraudster poses as an employee from the bank or a Government / Financial institution and ask customers for their personal information.
- They cite varied reasons as to why they need this information. For e.g. reactivation of account, encashing of reward points, sending a new card etc.
- These details thus obtained are then used to conduct fraudulent activities/ transactions on the customer’s account without their knowledge.
How to protect yourself from fraud:
- Never share any personal information like Customer ID, ATM PIN, OTP etc. over the phone, SMS or email.
- If in doubt, call on the Phone Banking number 400 or report it on govt. Regulatory/authorities .
Smishing
Smishing is a type of fraud that uses mobile phone text messages (SMS) to lure victims into calling back on a fraudulent phone number, visiting fraudulent websites or downloading malicious content via phone or web.
How do fraudsters operate?
- Fraudsters send SMS intimating customer’s of prize money, lottery, job offers etc. and requesting them to share their Card or Account credentials.
- Unaware, the customer’s follow instructions to visit a website, call a phone number or download malicious content.
- Details thus shared with the person who initiated the SMS are then used to conduct fraudulent transactions on customer’s account, causing them financial loss.
How to protect yourself from fraud:
- Never share your personal information or financial information via SMS, call or email.
- Do not follow the instructions as mentioned in SMS sent from untrusted source, delete such SMS instantly.
- If you receive any urgent communication asking for personal information, call Phone Banking number 400 or report it on govt. Regulatory/authorities, to check if it was a legitimate communication.
Identity Theft
Identity Theft occurs when someone wrongfully uses your personal information to obtain credit, loans and other services in your name.
How do fraudsters operate?
- They try to gather customer’s details through Phishing, Vishing, Smishing or any other means.
- They call customers and try to collect details by posing as a Bank Staff.
- They might visit customers posing as bank staff and collect personal information like Name, Father’s Name, Address, Permanent Address, Date of Birth, Aadhaar number, PAN Number etc.
How to protect yourself from fraud:
- Destroy any piece of paper holding details of your identity.
- Never share your personal information with a stranger or any third party, posing as bank representative.
- Update your bank records whenever you change your contact numbers, address or email ID.
SIM Swap
Under SIM Swap, fraudsters manage to get a new SIM card issued against your registered mobile number through the mobile service provider. With the help of this new SIM card, they get One Time Password (OTP) and alerts, required for making financial transactions through your bank account.
How do fraudsters operate?
- Fraudsters gather customer's personal information through Phishing, Vishing, Smishing or any other means.
- They then approach the mobile operator and get the SIM blocked. After this, they visit the mobile operator's retail outlet with the fake ID proof posing as the customer.
- The mobile operator deactivates the genuine SIM card and issues a new one to the fraudster.
- Fraudsters then generates One Time Password (OTP) required to facilitate transactions using the stolen banking information. This OTP is received on the new SIM held by the fraudster.
How to protect yourself from fraud:
- If your mobile no. has stopped working for a longer than usual period, enquire with your mobile operator to make sure you haven't fallen victim to the Scam.
- Register for SMS and Email Alerts to stay informed about the activities in your bank account.
- Regularly check your bank statements and transaction history for any irregularities.
Money Mule
Money Mule is a term used to describe innocent victims who are duped by fraudsters into laundering stolen/illegal money via their bank account(s).
How do fraudsters operate?
- Fraudsters contact customers via emails, chat rooms, job websites or blogs, and convince them to receive money into their bank accounts, in exchange of attractive commissions.
- The fraudsters then transfer the illegal money into the money mule's account.
- The money mule is then directed to transfer the money to another money mule’s account – starting a chain that ultimately results in the money getting transferred to the fraudster’s account.
- When such frauds are reported, the money mule becomes the target of police investigations.
How to protect yourself from fraud:
- Do not respond to emails asking for your bank account details.
- For any overseas job offer, first confirm the identity and contact details of the employing company.
- Do not get carried away by attractive offers/commissions or consent to receive unauthorized money.
Trojan
A Trojan is a harmful piece of software that users are typically tricked into loading and executing on their computers. After it is installed and activated, Trojan attacks the computer leading to deletion of files, data theft, or activation/spread of viruses. Trojans can also create back doors to give access to hackers.
How do fraudsters operate?
- Fraudsters use spamming techniques to send e-mails to numerous unsuspecting people
- Customers who open or download the attachment in these emails get their computers / mobiles infected.
- When the customer performs account/card related transactions, the Trojan steals personal information and sends them to fraudsters.
- These details will then be used to conduct fraudulent transactions on the customer’s account.
How to protect yourself from fraud:
- Never open e-mails or download attachments from unknown senders. Simply delete such emails
- Installing antivirus helps. It scans every file you download and protects you from malicious files.
- Enable automatic OS updates or download OS patch updates regularly to keep your Operating System patched against known vulnerabilities.
- Install patches from software manufacturers as soon as they are distributed. A fully patched computer / mobile behind a firewall is the best defense against Trojan.
- Download and use the latest version of your browser.
- If your computer / mobile gets infected with a Trojan, disconnect your Internet connection and remove the files in question with an antivirus program or by reinstalling your operating system. If necessary, get your computer serviced.