“The Reserve Bank cautions members of the public to be aware of fraudulent messages, spurious calls, unknown links, false notifications, unauthorized QR codes, etc. promising help in securing concessions/ expediting response from banks and financial service providers in any manner,” the central bank said.
Fraudsters attempt to get confidential details like user id, login/ transaction password, OTP (One Time Password) as well as debit/ credit card details and other personal information.
The RBI has highlighted some of the typical modus operandi being used by fraudsters like Vishing, Phishing, and Remote Access.
“RBI urges the members of the public to practice safe digital banking by taking all due precautions while carrying out any digital (online/ mobile) banking/ payment transactions. These will help in preventing financial and/ or other loss to them,” the notice said.
Vishing refers to phone calls pretending to be from bank/ non-bank e-wallet providers/ telecom service providers in order to lure customers into sharing confidential details in the pretext of KYC-updating, unblocking of account/ SIM-card, and crediting debited amounts.
Phishing means spoofed emails and/ or SMSes designed to dupe customers into thinking that the communication has originated from their bank/ e-wallet provider and contain links to extract confidential details.
By using Remote Access, fraudsters lure customers to download an application on their mobile phone/ computer which is able to access all the customers’ data on that customer device.
Fraudsters also misuse the ‘collect request’ feature of UPI by sending fake payment requests with messages like ‘Enter your UPI PIN’ to receive money.
It is also to be noted that fake numbers of banks/ e-wallet providers on webpages/ social media and displayed by search engines.