With digital transactions taking over, we are seeing more and more online payment fraud. In fact, according to the Reserve Bank of India, comparing March 2022 to March 2019, digital payments grew in volume and value by 216% and 10%, respectively. And UPI, IMPS, and PPI transactions among digital payments recorded CAGRs of 104%, 39%, and 13% during the same period, respectively. As the statistics show, Indians are starting to embrace digital transactions, but there is no denying the security issues that are looming, due to lack of education and know-how in online payments. Here, we will discuss the top five online payment frauds plaguing India.
1) UPI scams
It is widely recognized that UPI is the most common way of making day-to-day payments in India. Now, many people are still new to the concept, but some marketplaces that allow people to sell used goods are starting to see an influx of UPI fraud. Here’s how it goes:
Users put up an ad for, say, a couch.
A potential buyer (scammer) sends a message to the user saying they are ok with the deal, bargains lightly (to appear genuine) and then asks if they can “reserve” the product by paying online?
The user happily agrees and asks the buyer to send the money.
The scammer asks for the seller’s UPI ID to transfer the decided amount. Now, instead of transferring the amount, the scammer generates a UPI request that goes directly to the seller.
More than likely, at this point the scammer calls the customer to distract the seller and asks the seller to approve the UPI transaction.
Unfortunately, many users fell prey to it, failing to read the fine print and approve the request. This results in an immediate transfer of money to the crooks’ account. Several other UPI frauds, including spoofing, phishing, and OTP access, are spreading like wildfire. Scammers end up impersonating notable businesses and merchants and asking unsuspecting customers to prepay or even connect with you using a UPI handle that looks like an official account.
2) Remote access/screen sharing scams
Time and time again, we’ve seen seniors and people new to online banking fall victim to remote takeovers of their devices. Fraudsters usually pose as bank employees, trying to activate a certain service or fix an error on your phone. They will warn you of the consequences and threats to your bank account if they do not resolve the issue. In a rush, they end up following the instructions given by the fraudster and end up installing a remote access/screen sharing app. As soon as you give them access, the crooks get to work acquiring sensitive information such as OTPs, saved passwords, banking credentials, etc.
RBI says, “If your device is experiencing a technical problem and you need to download a screen sharing app, please disable/logout all payment-related apps on your device. Download these apps only when notified through the company’s official toll-free number as it appears on its official website. Do not download such applications in case a company executive contacts you through their personal contact number. As soon as the job is done, make sure that the screen sharing app is removed from your device.
3) Scam using QR codes
The widespread QR code scam has caught on in India as more and more people start using smartphones and online payments in general. In a circular from RBI, it is stated that customers are frequently contacted by scammers in various forms and convinced to use the banking apps on their phones to scan the QR codes and the moment the users scan the code they authorize without know the transfer of money to the bank account of the scammer.
WATCH VIDEO: iPhone 14 vs. iPhone 13: Should You Upgrade?
4) Scams that manipulate search engine results by compromising credentials
Many people use search engine results to get contact details for their banks, insurance companies and merchants. Usually this works just fine, but sometimes fraudsters can use techniques such as SEO to classify their manipulated credentials as impersonating a real website or entity. So customers end up calling the fraudster instead of their real bank.
Unfortunately, these scammers are very manipulative and eventually convince you to share your sensitive information. To avoid this, it is advisable to cross-reference the phone number or email, and learn to identify the real entities. Additionally, RBI says “Do not call numbers directly displayed on the search engine results page as they are often camouflaged by scammers. Please also note that customer service numbers are never in the form of numbers mobile phone.”
5) Phishing links scam
Fraudsters can deceive users by creating websites that imitate real entities. Users new to online transactions and e-commerce may not identify these websites and end up making transactions, only to receive nothing in return. It is common to receive the URL of these websites on messaging apps and social media. Fraudsters also use bulk messaging services to broadcast text messages to unsuspecting users.
Read all Latest technical news and recent news here