In the last few years, digital payments and online banking have witnessed superlative growth. As digital India continues to boom, customers prefer online methods to transact. However, this boom has also come with its own set of drawbacks. The Reserve Bank of India stated that cybercrimes are becoming increasingly sophisticated and have been increasing in numbers. It is important to note that the amount of money stolen through these online frauds has also increased. Arguably, the fundamental reason for such online frauds to flourish is the lack of awareness among people. Although it is almost impossible to curb the rise of fraudsters, being aware and vigilant at all times is imperative to stay safe and prevent financial losses.
Recent stories on online fraud
A report by the Ministry of Home Affairs states that 67.9% of the total reported cybercrime were ‘online financial frauds.’
As per an IANS report, a family in Lucknow fell prey to an online SIM card scam and lost Rs. 16 lakh. The scammers lodged an FIR about a missing SIM by submitting a fake aadhaar and obtained a new SIM card for the victim’s mobile number. It is also possible that the scammers got hold of the victim’s Aadhar and debit card information.
In October 2022, a Pune woman lost Rs. 3.23 lakh to an online fraudster who claimed to be a doctor in a foreign country. The accused claimed to have sent a gift to the woman after befriending her online. He asked her to transfer money to his account to pay customs duty and receive the gift. However, he cut all ties with her once she refused to pay more money and demanded the previous amount to be returned.
A 69-year-old woman from Warje lost Rs. 2 lakhs to a fraudster who impersonated as a customer care executive. The fraudster defrauded the woman on the pretext that there was a problem with her sim card due to which the sim card might get blocked unless she pays ‘processing fees’ of Rs. 10. To complete the transaction, he had sent a dubious application download link through text message. The fraudster then directed the woman to install the application and asked her to make the payment of the ‘processing fees’ through her debit card. The details of the debit card were compromised soon after the payment was completed through the dubious application. The fraudster later used these details in initiating fraudulent transactions of Rs. 2 lakhs.
Type of bank frauds
1. Screen sharing app / Remote access scam
In this type of scam, fraudsters trick users to download a screen share app to gain access of their mobile or laptop device. Once they have control, it becomes easy for the fraudster to retrieve financial credentials or track every move the user makes on their laptop to extract information. This type of scam may cause more damage as it may also lead to breach of user’s other personal sensitive information. The best way to stop this fraud is to avoid downloading apps sent by any unknown persons. If there is any pressing need, it is best to visit the bank or resolve the issue in person.
2. SIM swap / SIM cloning
SMS is an integral component of digital banking services as customers receive OTPs and regular update from their bank.. SIM swap or cloning scam is quickly becoming a popular scam where fraudsters obtain a duplicate SIM from the service provider. When the second SIM is activated, it deactivates the customer’s SIM, thus giving the fraudster complete control to receive OTP or contact the bank as the customer themselves. If your SIM is not working, it is recommended that you should contact your service provider immediately and notify them of the situation.
3. Phone number scam
Search engines replaced phone books and listicles. However, as this means of information extraction becomes popular, hackers use it to their advantage. As there is no supervision over the content available on the internet, fraudsters often change contact details to redirect calls to their scam centers. The fraudsters gain trust of the callers and then they are tricked into sharing sensitive information. Instead of relying on general search engine results, visit the business website directly to get their customer care number. Those websites are constantly monitored and will have less chance of any malicious activity.
4. ATM card skimming
One of the sophisticated forms of online fraud is ATM card skimming. Fraudsters install skimming devices such as dummy keypads or pinhole cameras in ATM machines to extract customer card data. With the card data in hand, they recreate the ATM card to access the customer’s account to withdraw money. Inspect the ATM & all areas of its fascia for unusual or non-standard appearance and if you notice a card reader that protrudes outside the face of the rest of the machine, it may be a skimmer.
5. Frauds using online sales platforms
This scam method is popular in resale websites where the scammers pose as buyers and trick the uninformed into refunding the excess amount sent by mistake. Here is an example of how it works. A seller posts an ad on a reselling platform. Fraudster responds to the ad with an interest to make a purchase. After agreeing to make the payment, the fraudster sends a ‘false’ screenshot of paying extra. Using this as evidence, they request for refund of the differential amount. Since time is of the essence in such scams, it becomes difficult to suspect foul play. Always double check your bank statement before responding to such scam attempts.
6. Scam through QR code scan
With the popularity of QR codes, a new form of scam is afoot. By sending pictures of Quick Response (QR) codes or using the customer’s phone to scan the QR code, fraudsters can gain control over bank accounts. This scam method is popular in online marketplaces where the scammers pose as buyers and convince the victim into scanning a QR code to initiate payment for the sale. If a person is trying to force such a method of payment, chances are you are in the process of getting scammed. To avoid falling prey to such scams, remember you don’t need to scan a QR code to receive money.
7. Fake loan offers
Feeding on the customer’s needs, fraudsters create fake loan offers through fake advertisements. These advertisements offer loans at affordable interest rates or easy payment options. When a customer approaches fraudsters for loans, they raise invoices for various charges such as GST or advancement of the first installment and abscond without disbursing the loans and leave the customer at loss of money. While digital banking has improved the loan process, it is important to remain diligent while going through the application process. If you have received any SMS or email showing attractive interest rates, visit the bank’s website to confirm the information before proceeding. Also, do not click on any links received through these communication channels as they can be links to phishing websites.
8. KYC scams
One of the most common types of scams is the KYC scam where fraudsters impersonate banking officials and persuade customers to share their sensitive information in the pretense of updating the KYC information. The information collected is more than enough to access the bank account of that individual. The best way to prevent such scams is by being vigilant and informing your bank of such an incident.
9. Insurance frauds
Fraudsters posing as insurance agents use fake email IDs to fill false information online and collect four-wheeler insurance but paying money only for two-wheeler insurance. The client can be penalized for having the wrong insurance coverage and end up with no reimbursements in case of accident or thefts. Another type of insurance fraud is where fraudsters use fake death certificates and other documents to claim life insurance money. These forged documents are submitted online by fraudsters and they add their details as beneficiary to claim the policy amount. Do a periodic check of all your insurance policies to ensure no such scams have been made with your policy.
Phishing is a type of scam where customer information is extracted through different means. In online fraud, scammers use phishing websites that look like legitimate business websites. These links are distributed through social media or messages. When the customer clicks on these links to access the business website, their information gets shared with the scammers, who can use it to steal all the money or apply for loans under the customer’s name. Phishing is one of the most common types of frauds also the easiest way to defraud the customers. To prevent such scams, it is best advised to never click on website links one may receive through WhatsApp, SMS or even social media channels.
11. Juice Jacking
Juice jacking is a new method of fraud where the attacker leaves an unattended charging cord or USB connection, that is loaded with malware, at the charging station in airport lounges or any other public area. By gaining access to the hardware, attacker can gain access to sensitive data, install malware to spy on the owner of the device, or lock the owner out of the device completely. Be vigilant and if possible, avoid using public and unattended charging cord or USB connections. Carry your own charger or USB connecter.
These are some of the most popular scams in the country. To that end, cybersecurity has taken center stage among banks and financial institutions with the increase in online frauds. Understanding the need of the hour, banks have started to implement strong data protection policies and be fully equipped with the necessary tech support to handle such situations.
10 tips to protect against online scams
In the day and age where information is wealth, it is essential to have basic awareness about online scams. The number of users relying on online payment apps is on the rise. But the underbelly of this rise is the unfortunate growth of online scammers and frauds. Here are the eight most effective ways to protect yourself and your loved ones from online fraud.
- Tip #1 – Use caller ID apps to identify cyber criminals. By default, these apps red flag certain numbers as they have been previously flagged as spam by other users. However, even while using these apps, one must be vigilant and be extra cautious before sharing any personal information.
- Tip #2 – Avoid downloading apps from ads or unknown and unsecured websites as they may come with their own malware that can steal data from the phone. Prefer downloading verified applications available on Windows App Store, Google Play Store, or Apple app with excellent developer score.
- Tip #3 – Always be cautious of using public WiFi as it can be used as a trojan to enter the phone. Do not use them for online payments or accessing sensitive information. If it is absolutely essential to use, add an extra layer of security with mobile virus software that scans WiFi networks.
- Tip #4 – Look for an SSL certificate while browsing websites. A secure site will have two important aspects – “https://” before “www” and a lock icon on the address bar. This shows that the site is safe to use. Most pop-up links are unsafe, and clicking them invites hackers to access the website.
- Tip #5 – While getting numbers off the internet is easy, it is also essential to verify customer care numbers. Hackers have infiltrated website information and redirected calls to anonymous portals to extract information. As a thumb rule, always take the numbers from the company website instead of any listing sites.
- Tip #6 – Consider installation of anti-virus software for all your laptops, desktops, and mobile phones. They help improve your firewall security and scan for viruses within the system, keeping you safe at all times.
- Tip #7 – Stay informed about new scams and remain vigilant while receiving calls. Fraudsters can con anyone into revealing sensitive information such as bank details or card numbers. Remember that no bank or financial institution will ask for such information over a phone call, no matter how important the situation might be.
- Tip #8 – When using QR codes to make payments in stores is a great option, do not scan codes sent by third-party apps or unknown persons. It becomes a source for them to gather account information or transfer money directly. Always stay conscious when engaging with third-party or WhatsApp vendors. Scanning of barcodes, QR codes, and entering of MPINs are not required for transactions involving the receipt of money.
- Tip #9 – Secure your cards and set a daily transaction cap. Additionally, you can activate or deactivate your account for domestic and foreign use. By doing this, fraud loss may be reduced
- Tip #10 – Keep an eye out for notifications from your financial service provider. Any suspicious activity should be reported immediately to your bank so that the card, account, or wallet can be blocked immediately to prevent any additional loss.
What to do if you get scammed
It is essential to stay informed. However, a few things can be done if you have been through a cyber financial scam or know anyone who was under a cyberattack.
- Contact the bank and notify them of such an incident. The bank can try to recover the money or prevent hackers from further accessing your account.
- In case of payment app fraud, use the help section to inform them of the same.
- India has an excellent and vigilant cybercrime cell called National Cyber Crime Reporting Portal. For immediate reporting, one can call 1930 or visit to register a complaint.