In a world massively disrupted by Covid-19, financial fraudsters are on the prowl, preying on the many rendered emotionally and financially vulnerable.

Be alert and on your guard. The last thing you want in these tough times of medical and economic upheaval is falling victim to conmen out to steal your money.

Many hooks

The fraudsters employ many methods — some new and some time-tested. They are also quick, making use of day-to-day developments. For instance, after the recent RBI announcement on EMI moratorium on loans, there were cases of borrowers getting calls asking for OTPs (one-time passwords) to process the EMI deferment. These calls were made by tricksters trying to get hold of the OTP on a fraudulent transaction to siphon money from borrowers’ accounts.

Soon, banks such as SBI and Axis Bank warned customers about this scam, stating clearly that OTP was not required to process the EMI moratorium, and that OTPs should never be shared.

Then, there were cases of many fake UPI ids seeking donations to the PM CARES fund that has been set up by the government to provide relief to persons affected by the coronavirus. The SBI clarified that pmcares@sbi is the correct UPI id.

These are not the only instances. Reports say that globally, and in India, conmen are employing a variety of ruses — such as pretending to offer access to government benefits, offering refunds on travel and hotel booking cancellations, asking for money to treat a loved one who is in a distant place, seeking donations, using fake websites/apps to offer much-in-demand coronavirus-related information, sending emails/messages supposedly from organisations such as the World Health Organisation (WHO), government agencies and reputed corporates, offering medical products, purported cures and vaccines, and dangling offers including free subscription to channels such as Netflix.

The gameplan is make you part with your money directly — or with information such as personal details, banking and credit card information, passwords and OTPs, or to install malware in your electronic devices such as computers and mobile phones, and use this to siphon your money.

Given the lockdown across the country, it may be difficult to get quick redress if you become a victim of such frauds. Prevention is always better than cure, more so now. Many banks, travel agencies and other entities are disseminating information about such financial frauds and steps to safeguard yourself.

Many kinds

There are various kinds of online financial fraud, from the simple to the sophisticated. Here are some prominent ones.

Identity theft is generally the first step in the design of cyber-criminals and involves getting hold of potential targets’ personal details such as names, addresses, dates of birth, and PAN. These details are then used to commit identity theft — the criminal masquerades as the victim to commit financial fraud.

In phishing , conmen ‘phish’ (seek to extract) confidential information such as passwords, personal identification number (PIN), card verification value (CVV) and OTP. They then use this information to defraud the victim. Phishing happens over e-mail.

Vishing is short for ‘voice phishing’ and SMiShing is phishing through SMS. In vishing, the conman tries to extract confidential information over the phone, while in SMiShing, he attempts to trick via phone messages.

In skimming , fraudsters skim information from cards, using devices stealthily installed in ATMs or at physical stores. Fraudulent online transactions can be done using skimmed data and confidential information.

Mobile banking frauds include fake or similar interface apps, the app being mapped to an incorrect mobile number, SIM swaps and malware.

In UPI fraud, fraudsters could ask victims to click on links, accept ‘collect request’ received over text messages and enter UPI MPIN (mobile banking personal identification number). Fraudsters could also ask to share debit card details, text messages, UPI registration OTP, and use this data to create a new virtual payment address (VPA) ID and set MPIN.

Crooks keep coming up with new techniques to defraud. So, it is important to be informed, and safe and secure in our financial transactions.

Many safeguards

There are several safeguards you can take to stay away from financial fraud. Here are some key ones.

· Never share your confidential data such as OTP, CVV, PIN, UPI MPIN or passwords. No bank, card provider or other authentic institution will ask for such data.

· Do not click suspicious links or open suspicious attachments.

· Do not click links or open e-mail attachments sent by unknown persons.

· Transact on secure websites with URLs starting with https (as against http) and having a padded lock icon.

· Be discreet about giving out your personal information to others — share on a need-to-know basis.

· Buy genuine software. Update electronic devices with the latest anti-hacking and anti-virus protection to avoid malware.

· Use strong passwords and change them regularly.

· Use virtual keyboard for online transactions to prevent criminals from capturing keystrokes.

· Check for hidden cameras or devices at ATM enclosures. Enter PIN discreetly in ATMs or at physical stores.

· Sign on your debit and credit cards. Memorise the CVV on your card, if possible, and scratch it out.

· Download mobile apps from genuine sources; do not tamper with the security settings of your mobile phone.

· Be wary of emails from organisations such as the WHO. Visit their official websites for the latest updates.

· Be wary of emails/messages from unknown persons.

· Be wary of emails/messages with spelling mistakes or grammatical errors.

· Be wary of emails in which the sender’s email address is not the same as his/her display name.

· Be wary of emails/messages that tell you to act urgently or reply immediately.

· Remember, UPI MPINs are not needed to receive money, they are needed if you want to pay money.

· Register for both SMS and e-mail alerts for financial transactions. Check these alerts.

· Do not forward suspicious SMSes.

· If your mobile phone service stops for unknown reasons, check with your phone operator immediately and notify your bank as well.

· Avoid using public charging stations such as airports. Carry your charging adapter or power bank.

· Avoid public computers for financial transactions.