According to the latest Reserve Bank of India (RBI) data, an unprecedented 6,801 frauds, totalling Rs 71,500 crore, were detected in FY19. That amounts to a 15% rise in volume and 80% climb in value from last year.
In 2018-19, over 6,800 cases of bank fraud involving an unprecedented Rs 71,500 crore was reported, the Reserve Bank of India has said. A total of 5,916 such cases were reported by banks in 2017-18 involving ₹41,167.03 crore, it said.
The government and banks through various channels inform people to not share their passwords, PINs, account details etc. but still, some gullible customers fall prey to these fraudsters and end up loosing their life long savings.
Here are some simple steps to help avoid compromising your details to online scams such as Phishing, Vishing, Spoofing etc. If you come across any abnormal activity on your Bank Account, immediately inform the bank through their channels or at their 24/7 Contact Centre.
Phishing: It is a global problem faced by Banks worldwide. It is an attempt to 'fish' for your banking details. Phishing could be an e-mail that appears to be from a known institution like banks/a popular website asking confidential data like user id and transaction password, One Time Password (OTP), Unique Reference No. (URN) etc.
Spear Phishing: It is a targeted phishing attempt through an e-mail that appears to come not only from a trusted source with a context customized /personalized and often will be one of relevance to either current projects of developments within the company, or may be related to family event.
Spoofing: These attacks refer to tricking or deceiving the users, by faking the identity of another user, over email, phone, website etc. Website spoofing is the act of creating a website, as a hoax, with the intention of performing fraud. To make spoof sites seem legitimate, phishers use the names, logos, graphics and even code of the actual website. They can even fake the URL that appears in the address field at the top of your browser window and the Padlock icon that appears at the bottom right corner. Even Emails can be spoofed to make the victim believe that it has been sent by ‘Trusted’ sender and lead victim to share sensitive information.
Vishing: It is an attempt of a fraudster to take confidential details from you over a phone call. Details like user id, login & transaction password, OTP (One time password), URN (Unique registration number), Card PIN, Grid card values, CVV or any personal parameters such as date of birth, mother's maiden name. Fraudsters claim to represent banks and attempt to trick customers into providing their personal and financial details over the phone. These details will then be used to conduct fraudulent activities on your account without your permission leading to financial loss.
SIM Swap: Your mobile phone is a convenient banking channel. You can get account-related alerts and the One Time Password (OTP) required to carry out banking transactions and make various financial inquiries through your mobile. However, if you do not take a few simple precautions, a criminal can divert these alerts by getting your genuine SIM exchanged with a duplicate SIM through your service provider, and attempt to commit a fraud.
Smishing: It is a combination of short message service (SMS - also known as text messaging) and phishing (the act of emailing someone with the intent of obtaining personal information that can be used for identity theft). In this case, fraudster sends message over SMS, rather than Email. Smishing message may look like "You have won a 2 free tickets to an Amusement Park, visit this website to claim your prize". Clicking on the link may lead you to a website asking for personal information. These are becoming more common due to smart phones becoming more popular.
Frauds through social networks: Social media sites are fast being popular among fraudsters also and celebrations are easy times to lure the youth of today. For example, the latest tool observed is an invite to install a “Valentine theme” on one of the most popular social networking website. The install button prompts the download of a malicious browser extension which monitors the user’s activities. Sometimes users are redirected to a survey page asking them for vital information like name, mobile number etc.
General Safety Tips To Follow:
The Bank or Government and Regulatory bodies, including the Income Tax Department/ Reserve Bank of India (RBI), will never ask for any confidential information over e-mail or phone call
Treat any e-mail message that asks for confidential/ personal information with suspicion. Do not respond to any web-forms in e-mails, that ask for your NetBanking or email user id/ passwords, ATM card number or PIN, Date of Birth, Mobile number etc.
Never use a link in an e-mail message to log on to the BANK’s website. Type the URL directly into your browser's address bar to ensure that you are reaching the correct web page.
Do not open e-mail attachments from unverified/ unexpected sources or instant message download links. Delete such suspicious e-mail messages immediately
Do not access the Bank’s NetBanking or make payments using your Credit/ Debit Card from shared or unprotected computers in public places
Setup either email and/ or SMS alerts on your Bank’s NetBanking for all transactions on your account(s).
