Retired Employee Falls Victim to Fake Customer Care Scam, Loses Rs 4 Lakh
Hyderabad: Imagine reaching out to a customer care executive for help, and he or she turns out to be a fake and filches your money.
This is what happened a week ago to a retired employee from Ramanthapur, who lost `4 lakh while attempting to update his address on a medicine delivery app. He called a number that he believed was the app’s customer care. An executive asked him to pay Rs 2 to update his address. The pensioner did so without hesitation. He then saw money getting debited from his account and eventually ended up poorer by Rs 4 lakh.
It was likely that he hit upon a fake website while searching on the internet, and contacted it in good faith.
Speaking about the modus operandi, Srikanth, a cybercrime constable from Hyderabad CCS, said, “The procedure remains the same, the victim looks for a customer support number on Google, and calls up a scamster on a fake website. However, the style of tricking them into giving away money has changed.”
Srikanth said that the earlier practice was to ask for the OTP and gradually withdraw money from the victim’s account. Now, the fake support executive first asks the victim to install a remote app, which him to access the victim’s gadget in its entirety.
People who are mostly unaware of the risks install the app and type a code that the scamster suggests. The code enables the scamster to gain access to all the apps in the victim’s gadget.
According to Srikanth, the scamster would then ask the target to check their balance through a payment app, which requires entering the UPI pin. “When the scamster tricks the victim into checking the balance, he gets access to the victim’s UPI pin and OTPs, through which he starts making transactions.”
As more users become familiar with the danger of installing unknown apps, the latest trend is sharing APK (android application package) files to scam the victim.
“The scamster sends an APK file, which gives him access to your phone, UPI pins, OTPs, everything. These files are dangerous and look similar to the original website. When sent on WhatsApp, one first receives an alert that this is harmful. However, when one ignores the alert and opens the file, their phone is vulnerable,” Srikanth said.
The customer service scam is known to be sophisticated because of its nature, unlike those involving fake calls about courier parcels, where victims are blackmailed and pressured for hours together.
Srikanth said, “There are two ways of doing this — one where the scamster picks the call at once, and the second, where he calls back. Since the caller is unaware of what the ‘victim’ could say, he starts with “I just got a call from you, can I assist you in any way?” It is so articulate that the victim can never get suspicious.”
The best way to deal with this scam, according to cybercrime experts, is to look for a customer care number within the banking app. An option - Help Centre - would enable one to ask a requently asked question (FAQ) or reach out to customer care through email or phone.
When looking up something on search engines, always be extremely careful with typos in the spelling, logos and other giveaways like the font. Even if one does call a wrong number, never ever click on any unauthorised files or install remote apps, especially when there is lack of clarity on what the app is all about.
Experts said that if at all a person does click on the wrong files and realises that money is getting debited from his account, the person should immediately remove the SIM card and put the phone in airplane mode. Later verify by outing the SIM in a spare phone.