The Reserve Bank of India (RBI) published a 40-page brochure outlining different ways scammers can steal your financial information and empty your bank accounts.
This brochure, titled 'BE(A)WARE,' emphasises the importance of safeguarding one's personal information and exercising caution when conducting financial transactions. Here are all of the common methods RBI listed that scammers use to steal your private info.
Pushing out a malicious link is one of the most simple methods to scam an unsolicited individual. According to RBI, fraudsters might create a fake website that looks like an existing genuine website, such as a bank’s website or e-commerce website or search engine, etc. These links are then circulated by fraudsters through text messages or via social media, etc.
Malicious links are masked through authentic-looking names of websites, but in reality, the customer gets redirected to the phishing website. When customers enter secure credentials on these websites, the same is captured and used by the fraudsters
It should be noted that most of the time, customers enter secure credentials by just having a glance and clicking at the link but not checking the detailed URL. On e-commerce platforms, fraudsters might pretend to be buyers and show interest in your product. This is a very classic technique of defrauding individuals.
“Instead of paying money to you, they use the “request money” option through the UPI app and insist to approve the request to pull money from your bank account,” RBI said in its research.
Malicious mobile apps are the easiest way for hackers to gain complete access to your device. These applications are shared as ‘authentic’ apps on social media platforms and WhatsApp group chats. The link is engineered in such a way that the customer is redirected to download the unknown application. Once the app is downloaded, the fraudster gains complete access to your device.
RBI highlights that these apps are mostly screen sharing apps through which the scammers can watch, control your mobile phone to gain access to your financial credentials. Later, they make payments using your Internet banking and payment apps.
All of us rely upon Google to search for the contact number of businesses, banks, and government offices. Scammers are well aware that search engines have become a source of trust. Taking advantage of this, scammers have listed out fake contact details on search engines such as Google, Yahoo, etc., to attract victims and steal their money.
Once a customer calls on these numbers, the impostors ask the customers to give their card credentials details for verification. Assuming this contact to be genuine, people compromise all their security details and thus fall prey to fraud.
Scanning QR codes has become very prominent during COVID times. Whether you’re in a restaurant looking to access the menu or want to make a contactless payment. Scammers often contact customers under various pretexts and trick them into scanning QR codes using payment apps. This allows the fraudsters to withdraw money from the customer’s accounts.
This might sound unbelievable, but scammers have figured out a way to infect your devices and gain full access to them, using a charger. RBI in its research, notes that ‘juice jacking’ is a type of cyber stealing, where, once your mobile is connected to unknown or unverified charging ports, unknown apps are installed with which, the fraudsters can steal sensitive data, email, SMS, and even saved passwords.
RBI lists out ways to stay safe online.
#Be wary of suspicious-looking pop-ups that appear during your browsing session.
#Always check for a secure payment gateway (https:// – URL with a Pad Lock Symbol) before making online payments.
#Keep your PIN (Personal Identification Number), password, and credit or debit card number, CVV private.
#Avoid saving card details on websites/devices/public laptops/desktops.
#Turn on two-factor authentication where the facility is available.
#Never open emails from unknown sources containing suspicious attachments or phishing links.
#Do not share copies of the chequebook, KYC documents with strangers.