Many of us would have gone through this. We wake up in the morning and check our messages and see that ₹20,000 has been spent on your credit card in some random city. Such instances of banking fraud is becoming all too common in India. According to the RBI, fraudsters are finding new ways to defraud the gullible public through various ingenious methods.

RBI released a booklet on the common modus operandi used by fraudsters. The book has been divided into three parts- Part A and B list out the commonly observed modus operandi and precautions to be taken against fraudulent transactions relating to banks and non-banking financial companies (NBFCs), and Part C explains the general precautions and digital hygiene measures to be taken by the public.

While you may already be aware of some of these tricks, here’s a look at some methods used by fraudsters according to RBI:

Frauds using online sales platforms

Fraudsters pretend to be buyers on online sales platforms and show an interest in sellers’ products. Many fraudsters pretend to be defence personnel posted in remote locations to gain confidence. Instead of paying money to the seller, they use the “request money" option through the Unified Payments Interface (UPI) app and insist that the seller approve the request by entering UPI PIN. Once the seller enters the PIN, money is transferred to the fraudster’s account.

Frauds using screen sharing app / Remote access

Fraudsters trick the customer to download a screen-sharing app. Using such an app, the fraudsters can watch/control the customer’s mobile / laptop and gain access to the financial credentials of the customer. Fraudsters use this information to carry out the unauthorised transfer of funds or make payments using the customer’s Internet banking/payment apps.

Frauds by compromising credentials on results through search engines

Customers use search engines to obtain contact details/customer care numbers of their bank, insurance company, Aadhaar updation centre, etc. These contact details on search engines often do NOT belong to the respective entity but are made to appear as such by fraudsters. Customers may end up contacting unknown/unverified contact numbers of the fraudsters displayed as bank/company’s contact numbers on search engine. Once the customers call on these contact numbers, the imposters ask the customers to share their card credentials/details for verification. Assuming the fraudster to be a genuine representative of the RE, customers share their security details and thus fall prey to frauds.

Scam through QR code scan

Fraudsters often contact customers under various pretexts and trick them into scanning Quick Response (QR) codes using the apps on the customers’ phones. By scanning such QR codes, customers may unknowingly authorise the fraudsters to withdraw money from their accounts.

Juice jacking

The charging port of mobile can also be used to transfer files/data. Fraudsters use public charging ports to transfer malware to customer phones connected there and take control/access/steal data sensitive data such as emails, SMS, saved passwords, etc. from the customers’ mobile phones (Juice Jacking).

Subscribe to Mint Newsletters * Enter a valid email * Thank you for subscribing to our newsletter.