We come across these things on a daily basis and yet some fall for such a trap despite regular warnings from banks, service providers, and the central bank.
As recently as this week, a Whatsapp message was being sent to customers to upload eKYC and to provide the contact number, else the number will be disconnected. Once you call that number, they ask you to download the Team Viewer app, which then gives the fraudster access to and control of the phone.
Here is a look at some recent cases of these eKYC frauds
For instance, in December 2021, Reliance Jio warned its consumers about an e-KYC fraud. The telecom company had issued a warning to its customers about the rise in cyber scams and frauds.
“For us at Jio, your security is always of utmost importance. In recent past, few cases related to Cyber fraud have been reported to us, in which, imposters portray themselves as Jio representatives and insist on getting the information related to your Aadhaar, bank accounts, OTP etc. mainly on pretext of pending eKYC (Know Your Customer),” the Mukesh Ambani-led telco said in an email notification.
According to the RBI website, this type of fraud is called ‘Vishing’. This is where phone calls are made by scamsters pretending as bank/non-bank e-wallet providers/telecom service providers in order to lure customers into sharing confidential details on the pretext of KYC-updation, unblocking of account/SIM-card, crediting debited amount etc.
“Phishing – spoofed emails and / or SMSs designed to dupe customers into thinking that the communication has originated from their bank / e-wallet provider and contain links to extract confidential details,” according to the RBI website.
In July, 2021, Vodafone Idea (Vi) issued a warning to its customers about scammers who may ask them to update their KYC information. According to the firm, “It has been brought to our notice that some Vi customers are getting SMS and Calls from unidentified numbers asking them to update their KYC immediately.”
The Delhi Crime Cell’s website gives detailed information about Paytm KYC frauds. “In these scams, the unwary victim receives one of the texts that the fraudsters send in bulk to unidentified targets. These messages are sent, and the gist of the message is that the recipient must complete KYC for his or her PayTM account or the account would be blocked. The fraudsters provide a phone number for the recipient to contact in order to complete the KYC,” states the crime cell website.
According to Cybercell Delhi website, “When the recipient calls on the given number, the fraudster pretends to be someone working for PayTM and asks the caller (the unsuspecting victim) to install a remote viewing Application such as Anydesk or Quick Support App. He, then, induces the victim to share the Anydesk (or other similar App) ID. After convincing the victim that it is an important step in the verification process, the fraudster, using the Anydesk App installed on his mobile, takes the remote access of the mobile phone of the victim by urging him to accept the remote access attempt. After that, the fraudster gets access to the bank account and e-wallets of the victim and illegally transfers as much money as he can to his own accounts or to that of his associates.”
“In these frauds, the victims end up losing up-to several lakhs of Rupees. It must be noted that while all this goes on, the fraudster does not let the victim hang up the phone lest he/she should see the bank messages regarding the unauthorized transactions that are being done by the former. Once the fraud is complete, the swindler cuts the connection. By the time the victims realize what has happened, they end up losing a lot of money; sometimes even their life savings.”
There are a few different types of fraud. As a result, con artists pose as Customer Care executives for a company whose services the victim has expressed interest in, either through web searches or through portals like JustDial. They require the victim to download the remote watching App and make a modest, token payment (Rs.1/2/5) in order to deliver the online service. They collect the card details when the victim is making a payment and use remote access to the victim’s phone to perform repeated, unauthorised UPI transactions, as per Cybercell Delhi.
How to make a complaint
You can follow these below steps to make a complaint in case of unauthorized transaction. These steps are as per Cyber Cell Delhi website.
To file a complaint, follow these steps
1. A summary of the complaint’s facts, including how to contact the alleged person/website and the subsequent scam
2. Take a screenshot or a copy of the claimed SMSs, Profiles, or Emails.
3. Gather documentation proof (e.g. screenshots, bank transaction statements, etc.)
4. File a complaint with your local police station, detailing the entire incident and including the above-mentioned documentation.
5. Make a soft copy of all of the following papers and give them to the Investigating Officer on a CD-R, as well as a physical copy.
Safety Precautions as suggested by Cyber Cell Delhi
1. Always be suspicious of unwanted phone calls, emails, or SMS messages.
2. Never give out credit/debit card information to anyone posing as a bank official or customer service representative.
3. Never enter credit card information onto an internet form supplied by a caller. It’s possible that your credentials have been stolen.
4. Do not download remote access apps because they will provide a fraudster access to all of your chats and emails.
5. Never click on links in phishing messages/emails purporting to be from government agencies, officials, banks, or other financial institutions. They infect your device with malware or spyware.
6. Be cautious while scanning a QR code that has been supplied to you in order to get payment. It’s possible that you’ll lose money in your account.
7. Be wary of phoney customer service numbers that pop up in web searches. For all online accounts, use two-factor authentication (password + OTP).