OTP Frauds - learn all about it
There are two ways:
(i) In OTP thefts, victims are deceived into giving away their OTP’s on a phone or email or SMS conversations.
(ii) Malware, a software designed to corrupt or gain access to a system that gets the OTP’s in the form of SMS. The offenders, provided with the OTPs, then transfer money from the victims’ accounts to their personal accounts.
The modus operandi is that the OTP theft involves an culprit calling / posing as an imposter
(a) Update or renew credit cards/debit cards details of those receiving phone calls
The victim provides the Card Number and CVV. The scammer then requests the victim to send SMS they have received and assures the unsuspecting victim that all details will be been updated in the system after the victim sends the SMS.
(b) Know Your Customer (KYC) details of those receiving the SMS/Email
The victim gets an SMS/Email having Short Links requesting the users to update the KYC of a Bank/Aadhaar Card or a PAN Card. When the victims open the link and fills up the details including the OTP too, all details are automatically forwarded to the scammers phone, who then carries out money transfer using the OTP from the victim’s account.
(c) Refunds or cash-back or expiring reward points of those receiving the SMS / Email
Scammers trick users to get in touch with them for issues like refund or cash-back or expiring credit card reward points and giving away their details.
How to Safeguard Yourself :
(1) Never share OTP with anyone.
No matter who ever calls you, never give away your confidential OTP over a phone call, WhatsApp or email. Bank Officials never ask for OTP, which means that the person asking for your OTP is trying to deceive you.
(2) Receiving money doesn’t require OTP
We all should realise that OTP is required only for making payments, not for receiving money. There are many cases where people hoping to receive funds have been duped by scammers claiming that they have to share the OTP received on their phone in order to complete receiving the payment.
(3) Don’t use suspicious apps on your smartphone
Scammers also use fake apps to steal OTPs and card details from users. App could pose as a calculator or a password wallet but actually share all your details with the scammers, giving them all the information (card numbers, CVV, OTPs) for them to steal money from your account.
(4) Contact official customer service numbers only
We all should be very careful while raising issues with customer support for service or an issue, it is highly recommended to use the respective Apps inbuilt report feature/email/contact numbers or alternatively take numbers from official websites only. Fraudsters create fake helpline numbers on search engine websites or create fake social media pages of renowned organisations to trick users into getting in touch with them for issues like refund or cash-back or expiring credit card reward points.
(5) Never Share Card Number, CVV and Expiry Dates
It’s very important to note that OTP is not required in case of an international transaction. All the scammer needs is the card number, CVV and expiry date to do an online international transaction. So, never share card number, CVV and expiry dates to anyone.
(6) Other Tips Include
a. Check for https:// and lock icon for secure online transactions
b. Never transfer or receive money while on call
c. Never click on short links more
Use a simple non internet phone like nokia 1100 for sim thats registered with bank. Whenever one does transaction on internet through laptop or through mobile banking, this other phone will receive the otp that can not be hacked. Its not as inconvenient as it seems. more
Keep at least two bank accounts. Keep a reasonable amount of money in one account which is sufficient, in your opinion, to meet your regular monthly needs, in a few thousands and attach the debit card to that account. Use it only for online transactions, say for purchasing merchandise online, pay your bills, book hotels/ train tickets, buy petrol/gas and so on. Perk your major savings in another bank account where you use cheque facility only, for which you need no OTP/CVV etc. For elderly people, this is a bit of guarantee against losing a big chunk of their hard-earned savings due to a single judgmental mistake.
So prevention is better than cure. But mostly people lose money to their greed and lust than to the evil designs of the scamsters. One who believes that the Bank Manager of his bank is so eager to solve his/her KYC problem on a happy Sunday morning when all banking operations are closed is too naive to blame others for the misfortune. And believe me, it happens so regularly. Funny but true! more