In the contemporary world of digital transactions, UPI (Unified Payments Interface) has emerged as a cornerstone for online payments, offering users a seamless and convenient way to transfer funds. However, with the surge in digital transactions comes an alarming increase in UPI frauds. In the 2022-23 financial year alone, there were over 95,000 reported cases of UPI fraud in India, highlighting the urgent need for robust fraud management strategies in banks and financial institutions.
As digital transactions become more prevalent, fraudsters are employing increasingly sophisticated tactics to exploit vulnerabilities in the UPI ecosystem. Common UPI frauds include phishing, fraud sellers, screen monitoring apps, money mule schemes, SIM cloning, deceiving UPI handles, fake calls, malware attacks, and collect request scams.
Phishing UPI fraud occurs when users inadvertently click on malicious payment links, leading to unauthorised auto-debit transactions and potential device infections. Fraud sellers exploit unsuspecting buyers by asking for prepayment via UPI transactions, leaving victims without products and vulnerable to further hacking attempts. Screen monitoring apps and malware attacks target users who download unauthorised applications, compromising personal information and transaction details. Money mule schemes involve organised fraud rings collecting money from various sources by obtaining UPI information and storing it in intermediary accounts. SIM cloning is another method where fraudsters clone SIM cards to gain access to personal information and change UPI details.
Investigations into UPI frauds reveal a pattern followed by hackers to execute their schemes. Disguising themselves as bank employees, hackers extract basic information, address UPI app-related issues, and convince users to share sensitive data. Scammers may also trick users into downloading apps that provide access to their phones. Once a 9-digit code is provided by the user, scammers gain full access to the victim's UPI application and bank account.
To safeguard against UPI fraud, users should adhere to guidelines provided by the RBI (Reserve Bank of India), exercise caution with payment requests, avoid engaging with fraudulent calls or messages, and report any unauthorised debit immediately. Additionally, users are advised to verify customer service numbers from official sites, be vigilant with payment requests, avoid clicking on spam links, and steer clear of unauthorised shopping sites. It also requires users to adopt essential precautions and stay informed about potential risks. One critical measure is to avoid engaging with fraudsters, as banks never request sensitive information over the phone.
Users should exercise extra caution when requesting or accepting money, as fraudsters exploit the "request money" feature on UPI apps. Paying attention to spam warnings on UPI apps, avoiding malicious apps, following security practices like protecting PINs using biometric recognition, and regularly checking accounts for suspicious activity are crucial steps in fraud prevention.
Being cautious about opening emails without verifying their authenticity, avoiding the use of open Wi-Fi for banking or UPI apps, and keeping track of all bank messages can further enhance security. Regularly checking accounts for unusual patterns and promptly alerting the bank to any concerns is essential in mitigating the risk of UPI fraud.
While no application is entirely foolproof, staying vigilant and informed about potential risks is the key to safeguarding digital transactions. Users are encouraged to contact their banks immediately if they suspect any fraudulent activity. By implementing these guidelines and leveraging technological advancements in fraud risk management platforms, banks and financial institutions can fortify their defences and ensure a secure digital banking experience for their customers.
As the digital landscape continues to evolve, the importance of robust fraud management in banks and financial institutions cannot be overstated. As technology advances, so do the tactics of fraudsters, making it imperative for institutions to stay ahead of the curve in protecting their customers' assets and maintaining the integrity of digital transactions.
Dhiren .V. Dedhia, Head – Enterprise Solutions, CrossFraud
Catch all the Instant Personal Loan, Business Loan, Business News, Money news, Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.