Only Awareness Can Save You From Today's Virtual World

IMPORTANT: Safeguard yourself against unauthorized access of mobile device fraudulently Be Aware Be Safe

Only Awareness Can Save You From Today's Virtual World

Netbanking/UPI/Mobile wallet Users,

One of the recent techniques involves a fraudster taking unauthorized access of a victim's mobile device to carry out fraudulent transactions via UPI using the AnyDesk, Team Viewer or any other third party App.

This is how they do it:

• You may receive a phone call from a fraudster, who will claim to be a representative from a tech company / bank offering to fix issues in your smartphone or mobile banking apps. He may also pose as a Complaint Manager calling you to fix your genuine registered complaint which you may have with respect to the Online / Mobile Banking

• Fraudsters find your phone number from the social media or from the complaint desk

• The fraudster will then lure you to download a mobile app like 'AnyDesk', 'Team Viewer ' or any third party App from Play store or App Store, which can provide him with remote access to your mobile.

• Post the installation of the app a few digit code will be generated, which the fraudster will ask you to share.

• Then the fraudster will further ask you to grant him certain permissions. Once granted, fraudster is now in control of your mobile device.

• Further, Mobile Banking credentials and PIN are vished (stolen) from you and the fraudster can now choose to carry out financial transactions from your mobile app which was already installed.

They also:

• Forward an SMS to you and advise you to forward it to a specific mobile number from your phone.

• On the basis of this, the fraudster is able to link / register your mobile number / account with UPI on his own mobile device.

• The fraudster subsequently seeks confidential account related credentials like Debit Card number, PIN, expiry date, OTP and sets the MPIN which is then used to authenticate transactions.

In few instances they could also:

• Send “Collect request" to your VPA and ask you to approve / authenticate it on the respective UPI apps to get reversal / refunds. Please note that UPI PIN is NOT required to be entered to receive payment from anyone.

• Assuming that you will get credit / refund in your account, you approve the request by authenticating the transaction with MPIN (which is only known to you) but you might end up losing money since your account gets debited once the collect request is approved / authenticated.