New Delhi: As the means of transactions and banking operations have increased, so are the possibilities of bank frauds. Transferring money from one account to another, without topping up the funds in the mobile wallet, has become possible by the advent of Unified Payment Services (UPI). Fraudsters have cracked various means by which they infiltrate the security and remotely to transactions by getting access to mobile devices.
According to ICICI Bank, fraudsters lure the customers to download an app called ‘AnyDesk’ from Play Store or App Store which then helps them in providing remote access of mobile devices of other users.
How fraudsters obtain access to your mobile devices
- Once the ‘AnyDesk’ application is downloaded, a 9-digit number (app code) gets generated on customers mobile. Fraudsters then ask the customers to share that 9-digit code.
- Once the fraudster inserts this 9-digit app code on their device, then they would ask the customer to grant certain permissions which are similar to what is required while using other mobile applications.
- After the permissions are granted by the customer, the fraudsters gain access to the customer’s device.
- Following this, the mobile app credentials are vished from the customer and the fraudster can do the transaction through the mobile application already installed on the customer’s device.
- Through this, the fraudster can do transactions through any mobile banking application and payment related apps including UPI, wallets etc.
15 safety tips by ICICI Bank
- Always verify and install the authenticated UPI app/payment wallets from the Google Play Store and Apple Store owned by trusted or reputed companies/banks
- Never download any transaction application recommended or requested by any unknown person or of which you have never heard about.
- Always read reviews before downloading any application/ UPI app/ payment wallet.
- Be alert before giving permissions while downloading any application on your mobile.
- Register your e-mail ID and verify to get notified of any untoward or unauthorised action on your account.
- If you misplace or lose your phone, please get the SIM blocked immediately and log out of your account from the web.
- Always check your banking transaction alerts sent via SMS and email for unauthorised transactions.
- Once you find an unauthorised transaction, immediately inform the bank.
- Do not transfer funds without knowing to whom you are transferring. Ensure due diligence.
- Never share your UPI wallets PIN, password, OTP and M-PIN with anyone, even if the person claims to be a bank employee.
- Do not click on any unknown link via SMS and email for making a digital payment. Always use trusted and protected website.
- Never share your card details like PIN, One-Time Password (OTP), CVV, expiry date, grid value, types of card (Visa, Master, Rupay etc.) to anyone even if the person claims to be from the bank.
- Change your passwords regularly. Passwords should have a unique character, so that they are not guessed by anyone.
- Always validate Mobile Money Identifier (MMID) and mobile number.
- Be observant of incoming Unstructured Supplementary Service Data (USSD) requests.