UPI or Unified Payment Interface is a method to do payments digitally and is rapidly gaining popularity. This method is a comparatively recent entrant into the digital payments space as compared to other methods such as NEFT, IMPS, mobile wallets and so on.
As per a Times of India report, UPI has hit a landmark of one billion transactions in October. In addition to that, UPI has recently crossed 100 million users.
As the methods of making payments have become technologically advanced, fraudsters have also evolved different ways to scam you out of your hard-earned money.
- Types of frauds
Banks are now regularly sending emails and SMSs to their customers educating them on how the UPI based scam works and what they should do to avoid being scammed.
For instance, ICICI Bank is sending warning emails to their customers telling them about how fraudsters operate and what steps they should take to prevent the fraud.
According to the email sent by the bank to its customers, fraudsters ask customers to share their debit card details, forward text messages, share UPI registration one-time password (OTP), etc. over the phone. They use this data to create a new virtual payment address (VPA) ID for your account and set an MPIN to do the transactions. At times, fraudsters ask customers to click unverified links, etc. over text messages.
In another scam, according to another Times of India report from July, HDFC Bank and even the Reserve Bank of India had issued advisories warning all online banking users about a particular app that s being used by fraudsters to steal money. According to the report, this is how the scam worked: “Fraudsters may ask you to download AnyDesk App and share a 9-digit code which gets them access to your phone to steal money.”
The Times of India further stated that “The RBI has mentioned that while the AnyDesk app asks for regular privacy permissions, it is capable of acquiring full access to your smartphone remotely and would let fraudsters carry out banking transactions remotely.”
Now AnyDesk is a legitimate app that is a remote desktop software tool, which provides a third party a complete view of the user’s screen. Scamsters just use it to their advantage.
- How to avoid fraud
In order to prevent such frauds, this is what you should not do:
- Never share details such as debit card number, expiry date, registration OTPs on the call or other media. The bank never asks for such details.
- Avoid clicking on unknown links or forwarding any suspicious SMS
- Never share your UPI MPIN with anyone.
The steps advised by the ICICI Bank to prevent fraud are relevant for all customers using UPI to avoid getting scammed.
- What you should keep in mind
Banks and other financial institutions have been warning customers never to share their OTPs and their bank account details with anyone over the phone or via SMS. Also, bank officials never ask such details from their customers.
Recently apart from banks, other institutions such as IRDAI (Insurance Regulatory and Development Authority) and EPFO (Employees Provident Fund Organisation) have also been putting out warnings on their websites and via their social media accounts not share their personal and financial information with anyone on phone or with anyone posing as official from the respective institution.
(With inputs from Indiatimes)