How to protect yourself from financial fraud
A Hyderabad scribe avoids online fraud by recognising a scam call about a non-existent credit card transaction
Mumbai: Umesh Kumar (name changed), a resident of Hyderabad got a call from an unknown number. The caller identified himself as an executive from State Bank of India and informed him that his credit card has been used in Mumbai with Rs one lakh spent and that he should immediately credit the amount in his bank account. Before the conversation could proceed any further, Kumar a scribe, immediately realized this it was a fraudster on the line as his credit card was still in the application stage and thus cannot be used and quickly hungup. While Kumar’s alertness prevented him from falling a victim to online fraud, there are lakh of bank customers who continue to fall prey to online fraud.
According to the Indian Cyber Crime Co-ordination Centre (I4C), Indians lost over Rs 1750 crore to cyber fraud in the January-April 2024 period out of which 85 per cent of cases were related to financial crime. I4C added that Indians lost over Rs 120 crore in investment scams during the first four months of 2024 in a total of 4599 cases.
A recent RTI query to the Reserve Bank of India (RBI) revealed that close to 800 digital payment fraud cases are reported every day in India.
Fraudsters can target an individual and contact them via SMS, call, email, or other ways to get personal information or send malicious link to apps or websites to hack into the computer, mobile device, or network to get sensitive information, such as bank account numbers, credit card details, Aadhar number, Pan card number, social security numbers, and personal information. Recently, there have been a spate of incidents across the country where senior citizens have been conned of several lakhs in impersonation frauds. In such cases, there is circulation of counterfeit emails/WhatsApp messages impersonating top officials from the income tax department, police department bearing the subject “Urgent Notification!”, “Court Notification”. These emails employ the logos of the Indian Cyber Crime Coordination Centre (I4C), Intelligence Bureau (IB), and Delhi Police and wrongfully associate with the names of the senior officials urging people to respond.
Says Vinay Tiwari, Chief Information Security officer at Axis Bank, “Banking fraud is a continually evolving crime, with new methods emerging as technology advances and fraudsters are good at adapting to existing security measures and developing new methods to exploit vulnerabilities.”
Banks have taken multiple measures to reduce frauds by following security best practices, enhancing security controls such as enabling multiple factor authentication requiring additional verification steps for financial transaction, Mobile bank application security , enabling chip based cards for added security, monitoring and identifying suspicious transactions using real time data by enabling fraud detection systems, however there is a lot you can do from your side to prevent from falling into a fraudster’s trap.
So how do you identify if the call, email is genuine or from a fraudster?
Says Rahul Jain, chief financial officer of NTT Data Payment Services, “Incoming calls from banks have a four-digit prefix of 1860 to help customers identify the calls. So if you receive an incoming calls from someone claiming to be a bank official but the phone number used by him to make the call does not start with 1860' - then it is a fraudster masquerading as a bank official.”
Says Vinay Tiwari, Chief Information Security officer at Axis Bank, “Fraudsters usually try to create a sense of urgency or create panic situation, they request for remote access to your device which a bank will never ask. Bank calls usually address customers by name and call often with reference to your specific account or history.”
“And to verify the caller in case of suspicion check the caller ID by ensuring it matches the bank's official number or call back ie; hang up and dial the bank's official number to verify,” added Tiwari.
You should also be cautious of:
• Urgent or threatening tone: Banks won't pressure you for banking services.
• Requests for sensitive info: Banks won't ask for passwords, PINs, or card numbers.
• Unusual questions: Be wary of questions about your account or personal info.
• Report suspicious calls: Inform your bank and local authorities.
Here are some tips to help identify if a message or link is from a fraudster:
Spelling and grammar mistakes: Legitimate companies usually have professional communications.
• Generic greetings: Scammers often use generic greetings like "Dear customer" instead of addressing you by name or incomplete greetings.
• Request for personal info: Legitimate companies won't ask for sensitive info via message.
• Suspicious sender: Check the sender's email address or phone number for legitimacy.
Link:
• Unusual URL: Scammers often use fake websites with similar URLs.
• Misspelled or shortened URLs: Be cautious of URLs with spelling mistakes or shortened links.
• No HTTPS: Legitimate websites usually have "https" and a lock icon in the address bar.
• Suspicious redirect: If the link redirects you to an unexpected website, it may be malicious.
• Promises of rewards or prizes: Scammers often lure victims with fake rewards.
• Do not Follow any URL from message that you are not sure about.
• Do not take help from strangers for using ATM card or handling cash at branch and do not allow them to watch you while transacting.
• Avoid accessing your internet banking account from a cyber cafe/shared computer. If you happen to do so, change your passwords from your own computer.
• Ensure that you updated correct mobile number with bank to get the transaction alert regularly.
• Do not give bank application access to unknown users.
• Always download the application from secured sources like Play Store and App Store.
• While accepting collection request care should be taken to ensure that correct recipient has been approved.
• Don't store sensitive information such as Credit Card details, Mobile Banking password, User ID etc. on your phone /computer.
• Change your bank application mPIN (Password) regularly
How to report cyber fraud?
In case you fall prey to cyber fraud, you should immediately report unauthorised transactions to the bank and get the payment mode blocked for safeguarding against future losses. Customers should also file a complaint by calling 1930 helpline number started by Ministry of Home Affairs (MHA) and submit the complaint on National Cybercrime Reporting Portal https://cybercrime.gov.in.