IMPORTANT: Safeguard yourself against unauthorized access of mobile device fraudulently Be Aware Be Safe
Only Awareness Can Save You From Today's Virtual World
Netbanking/UPI/Mobile wallet Users,
One of the
recent techniques involves a fraudster taking unauthorized access of a victim's
mobile device to carry out fraudulent transactions via UPI using the AnyDesk,
Team Viewer or any other third party App.
This is
how they do it:
• You may
receive a phone call from a fraudster, who will claim to be a representative
from a tech company / bank offering to fix issues in your smartphone or mobile
banking apps. He may also pose as a Complaint Manager calling you to fix your
genuine registered complaint which you may have with respect to the Online /
Mobile Banking
• Fraudsters
find your phone number from the social media or from the complaint desk
• The
fraudster will then lure you to download a mobile app like 'AnyDesk', 'Team
Viewer ' or any third party App from Play store or App Store, which can provide
him with remote access to your mobile.
• Post the
installation of the app a few digit code will be generated, which the fraudster
will ask you to share.
• Then the
fraudster will further ask you to grant him certain permissions. Once granted,
fraudster is now in control of your mobile device.
• Further,
Mobile Banking credentials and PIN are vished (stolen) from you and the
fraudster can now choose to carry out financial transactions from your mobile
app which was already installed.
They
also:
• Forward an
SMS to you and advise you to forward it to a specific mobile number from your
phone.
• On the
basis of this, the fraudster is able to link / register your mobile number /
account with UPI on his own mobile device.
• The
fraudster subsequently seeks confidential account related credentials like
Debit Card number, PIN, expiry date, OTP and sets the MPIN which is then used
to authenticate transactions.
In few
instances they could also:
• Send
“Collect request" to your VPA and ask you to approve / authenticate it on
the respective UPI apps to get reversal / refunds. Please note that UPI PIN is
NOT required to be entered to receive payment from anyone.
• Assuming
that you will get credit / refund in your account, you approve the request by
authenticating the transaction with MPIN (which is only known to you) but you
might end up losing money since your account gets debited once the collect
request is approved / authenticated.
