Comments
Within weeks of the RBI announcing a three-month loan moratorium, fraudsters could be up to their tricks, scamming funds out of unsuspecting borrowers.
“The EMI moratorium has just begun. While we haven’t observed anything per se , one has to understand what can happen proactively. We have to start an awareness campaign,” said Sameer Ratolikar, Executive Vice-President and Chief Information Security Officer at HDFC Bank.
“Banks will always communicate through official channels but they will never ask you to disclose personal credentials,” he told reporters during a call on Thursday.
Banks, which have stepped up vigilance against such scams, said fraudsters could choose between three or four modus operandi.
Three main modus operandi
One, they could reach out to the customer about EMI moratorium on credit card bills and seek card details. Once the customer discloses this by call or text, the fraudster could next ask for the OTP and make a transaction.
Alternatively, customers could be asked to download a mobile app sent by a link to avail the moratorium. “As an additional benefit for downloading the app, the customer could be promised at least three more months of moratorium,” said Ratolikar.
The app, on the pretext of getting downloaded, would also install a virus, malware or a Trojan on the phone, which would capture and communicate the customer’s keystrokes to the fraudster, who can then initiate a transaction with an SMS OTP (again obtained from the customer).
Ratolikar stressed that customers should not download any app from unknown sources and should only do it from the official Play or App Store. “One should also install and update anti-virus on phones along with laptop and desktop. Anti-virus is a basic hygiene now,” he said.
Social media phishing
The third modus operandi is social media phishing, where the fraudsters track the Twitter and Facebook accounts of banks to find out customer grievances. As many customers also post their phone numbers, the fraudster can call them, posing as bank agents, and ask for account, debit card and PIN details.
Bankers stressed that customers must always use secure banking channels for all online and digital banking transactions. “They can also check out the tips for secure banking, which are available on the websites and mobile apps of banks,” said one.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.