Nandini was surfing a popular e-commerce website for a cool pair of cufflinks to gift her husband for their anniversary. Since she liked the design, she decided to order. When she didn’t receive the package, she decided to contact customer care. The customer care alluded to a payment failure as the reason for non-delivery. To clear the air, they asked several questions related to her banking details, particularly confidential information such as her CVV number, expiry date on her credit card, etc. Sensing that she was about to be scammed, she quickly cut the call and informed her friends about this incident.

Nandini’s situation is not an isolated incident. Karan from Pune was searching online for the phone number of the delivery app to ask for a refund for his undelivered food order. When he called the number he found online, the ‘representative’ asked for confidential details such as UPI pin and debit card CVV number. Instead of cutting the call directly, he shared the wrong PIN and hung up. A few minutes later, he received an SMS informing him that two UPI transactions failed due to an incorrect pin.

As consumers become aware of traditional scamming methods, cybercriminals have changed their modus operandi to gain access. To misdirect consumers into calling them, scammers are replacing customer care numbers of reputed companies and financial institutions on social media platforms and search engines or plugging false numbers into their websites.

To highlight such ever-evolving malpractices, RBL Bank has initiated awareness campaign as a part of Fraud Diwas, a mass awareness exercise on the specifics of banking fraud. This is conducted on the first Wednesday of every month. It helps customers be more cautious by arming them with the required information, and reminds them that they can always report any cybercrime at or reach out to the National Cybercrime Reporting Portal’s toll-free helpline 1930 in case of unfortunate emergencies.

Along these lines, this article highlights some common scam methodologies and recommends a few best practices to stay vigilant in such scenarios.

Know the Con

Growing up, most of us were advised not to talk to strangers or fall prey to misdirections. As the world evolves, we need to add more scenarios and preventive actions to pass on to others. To that end, staying informed is the first step to being cyber safe. Having a good understanding of how fraudsters operate can help avoid fraud.

Here are some prevailing modus operandi used by cybercriminals to defraud the customers.

Social Media Scam

Consumers use social media channels as forums when they are unable to get any response from the business. Fraudsters use this to their advantage by closely following the complaints posted on pages of brands on Twitter, Facebook, or other social media platforms and immediately respond to those posts with a personal message to provide their fake numbers before the company can even take note of that. When the consumer calls, they impersonate company representatives to commit the crime.

Toll-free Number Trick

It is important to understand the concept of toll-free numbers to remain vigilant. A toll-free number mostly starts with ‘1’ followed by codes like 800, 844, 855, 888, etc., to form numbers like 1800 200 400. However, it is easy to acquire a toll-free number off the internet. To commit a scam, the fraudster can purchase a number similar to the toll-free number without the prefix to read 800 200 400. After registering the number on a caller identification application under the name of a brand or bank, customers start getting calls. These calls focus on extracting various confidential details of the customer, such as OTPs, UPI pins, and CVV numbers, in order to gain complete control over a customer’s bank account.

raho cyber safe

Best Practices to #RahoCyberSafe

When we are busy with work meetings, taking care of family, or simply relaxing during vacations, these calls might not seem fraudulent. But it is important to always stay vigilant. Cyber police have stated that these scams have been on the rise in recent times. Due to the gravity of the situation, the RBI earlier issued a press release, urging members of the public to practice safe digital banking by taking all due precautions while carrying out any digital (online/mobile) banking/payment transactions, detailing the guidelines and adding warnings on how to tackle the issue. RBL Bank understands the importance of cybersecurity. We recommend following precautionary measures, which can help you to protect your hard-earned money.

  • UPI pin is not needed for refunds or for receipt of money. If a customer care representative requests confidential information, avoid sharing them over call or SMS.
  • If you are searching for a bank’s official phone number, it is advisable to find it on their official website instead of any other listing websites or search engines.
  • If you have posted your grievance or complaint on the official page of a brand and received a personal message, refrain from communicating further. Almost all brands reply publicly to the comment or post unless the customer sends a direct message first.
  • Similarly, avoid sharing your contact information on public forums as it can be used for scam calls or phishing emails.
  • If you find any suspicious activity or have been a victim of cyber financial fraud, report the same at or reach out to the newly introduced National Cybercrime Reporting Portal’s toll-free helpline number 1930
  • In case you suspect that your confidential details have been compromised, please change the password or UPI pin immediately

Both Nandini and Karan realized that the call wasn’t going in the right direction and proceeded to act accordingly. Since this can happen to anyone, we recommend being cautious at all time and especially when you face situations like these.