Digital Payment Frauds

Mukund
3 min readApr 25, 2023

--

What are Digital Payment FRAUDS ?

Digital Payment frauds are various methods cybercriminals forge to dupe users of their money by either tricking the victim pay & lose money on their own or share financial information to let them access & spindle money. Such frauds may involve various forms of online payment methods, including credit/debit cards, mobile wallets, and online banking systems.

Modus Operandi

UPI Fraud: Fraudsters call and in the pretext of sending money, sends a ‘Money Request’ instead and asks you to enter UPI PIN.

KYC Fraud: Fake SMS or call received threatening to block bank account/wallet citing KYC non-compliance. Fraudsters call to facilitate the KYC process and trick users to get financial data.

Remote Access Fraud: Fraudsters send link containing remote access apps like Any Desk, Quick Support or TeamViewer which when installed, gains access to the victim’s phone/computer.

Most prominent digital payment scams you should be aware of:

Phishing attack: The most common online scam that is committed by scamsters. Phishing attacks are conducted by sending text messages, emails, and other messaging applications. People receive a message on their mails or messaging applications which look like official messages and once the person clicks on the fake message, the scamsters get access to your device and information.

Fake websites: Another very common way to defraud people is by using fake websites of famous financial institutions. Scamsters create websites which look like the original website and offer lucrative offers to victims to buy financial products. However, if one needs to be vigilant to differentiate between the fake and original websites. Generally, genuine websites have a secure domain and their URLs start with ‘HTTPS’ and not ‘HTTP’

QR Code Scam: Many people have fallen victim to this scam where fraudster clean their bank account using a QR code. The moment you list any item on any buying or selling goods platform, many users will show interest in buying the product from you at the same price as listed. To take the process further, the user immediately asks for UPI ID, bank account to initiate the payment. Then the user will send a WhatsApp with QR code and the requested amount will be written on it, the user will ask you to scan the QR code and enter an OTP on any Digital Payment App to receive the payment. Basically, you will be asked to scan the QR code to receive the money in your account, which will eventually lead to the fraud.

Fake delivery-OTP scam: Scammers will target people who are a frequent online shopper and receive packages. A fake guy will show up at your doorstep pretending to be the delivery agent. They will state that your package is a pay-on delivery module. If you refuse to take the delivery page, they will ask for your contact number and will send an OTP to initiate the cancellation. The moment you will click on the unknown link or will share the OTP, your phone will fall vulnerable to the scammers and get hacked.

Sextortion scam: The latest scam which has grabbed the nation. Fraud of up to Rs 3 lakh has been reported till now. You will receive a video call from an unknown number. The moment you receive the video call, you may spot a naked woman or a woman will start stripping the moment you attend the call. They will take a picture or say a screenshot with you along with the naked woman appearing in your screen. Then they will start blackmailing you for the money by saying that they will send the pictures to your family members or will post it on your social media profile. Many people have fallen prey to this scam and eventually end up paying the scammers to save their face in public.

How to Stay Safe

1. UPI PIN is only needed to send money. Never enter UPI PIN when expecting a payment.

2. Never entertain calls from people posing as bank representatives asking for your card/wallet/bank account information.

3. Disconnect calls asking for KYC verification or bank account/card blocking.

4. Do not search for Bank/UPI customer care numbers on search engines or social media. Always visit the official website.

5. Never share any PIN/OTP/password ever on call/email/SMS.

6. Keep personal information private: Avoid sharing sensitive personal information like your Social Security number, driver’s license number, or passport number unless necessary.

7. Never accept any video calls from any unknown numbers.

--

--

Mukund
Mukund

Written by Mukund

SecOps Engineer focused on DevSecOps and Application Security, currently at Innovation Incubator Advisory. Main Focus AppSec | DevSecOPs | MlSecOps

No responses yet