Beware of any seemingly innocuous text messages that seek to verify account details of popular payment apps that ask you to call a number or click a link. This seems to have become a common way for scamsters to steal money from unwitting customers.
A number of customers have raised complaints over the last few weeks, and payment apps, including Paytm and Google Pay, have been warning customers against sharing personal information, PIN or SMS OTP with anyone.
Most of these frauds target UPI-based payment apps, and industry experts compare it to frauds committed when banks introduced debit and credit cards, with fraudsters stealing PIN data.
“With transactions on Unified Payments Interface crossing the one billion mark, it is clear that this has become a popular payments mean. Fraudsters are accordingly trying to cash in on this,” noted an industry expert.
Paytm and Google Pay have in recent days been cautioning customers against such frauds.
Vijay Shekhar Sharma, founder of Paytm, had recently tweeted, “Please don’t trust any SMS send of blocking your Paytm account or suggestion to do a KYC. These are fraudsters attempting on your account.”
Similarly Google Pay also tweeted, “We take our users’ security very seriously. Please make sure you do not share personal information like PIN, SMS OTP, debit card details, etc. with anyone, via e-mail, forms or phone. Fraudsters could take your details and use other channels to defraud you. Contact Google Pay support only through the Google Pay app or the toll free number listed on our official website, if you face any issues.”
Educating customers
When contacted by BusinessLine , Paytm Payments Bank spokesperson said, “Paytm Payments Bank has a secured set up and account logins have additional factors of authentication like UPI-MPIN, Passcode, Password or OTP...With regards to KYC frauds, we are seeing that the customer are being tricked by the fraudsters to share their security information.”
He further added that Paytm Payments Bank is working closely with telecom companies to report and remove any SMS handles that are reported to send these suspicious SMSes. “Our cyber cell department is connected to police crime branches to effectively tackle cyber frauds as and when they are reported. We are constantly working to inform customers to safeguard themselves from such incidents,” he said.
Mallika Kodali, Product Manager, Google Pay, also said the company is working to educate customers as awareness is necessary to ensure that they do not share personal information. “We would not term it as a spike in frauds...What we have learnt is that they are more social engineering scams but not security breaches in the payment system. So user education is more important,” she said, adding that typically people who are busy in their schedules or in distress are identified for such frauds.
She stressed that customers have to be more aware about sharing sensitive data. “We have created awareness for ATM PIN, same awareness has to be created for UPI protocol,” Kodali said.