Mumbai Cyber Fraud: Virar man says Rs 27,000 deducted from HDFC credit card without using any OTP

While the coronavirus pandemic has brought the world to a standstill, there has been a multiple-fold increase in cyber frauds. One such incident came to light on Thursday.

Anand Chaudhary, the Virar resident, received a jolt when two transactions of Rs 13,500 were done from his father's HDFC credit card without using any OTP. "We got to know this in the morning when my father checked his phone. We received messages of Rs 13,531 being deducted twice. The transactions were around 1 am on Thursday. No OTP was used during these transactions. The message does not even state the name of the vendor or person the money was transferred to."

Chaudhary further said that he then confirmed with his brother, who stays in Netherlands, whether he did in any transactions using the credit card, but he denied using the card for any transactions. Chaudhary then called HDFC customer care. The executive asked Chaudhary to fill up a complaint form. "Even after filling up the form we didn't receive any receipt of the complaint, so I called the HDFC customer care again. They told me a team will investigate the complaint and get back in a day. And after the investigation gets completed the bank will work on the refund," Chaudhary said.

Before completing the payment, the bank always sends an OTP code which allows the user to finish the transaction—without the OTP one can't proceed. In Chaudhary's case, since his father received no OTP, questions are being raised on the safety of credit cards. In a bid to understand how transactions can be carried out on a credit card without the OTP, we spoke to cyber expert.

Shedding light on this mystery, Kiran Pawar, a cyber expert, said that there are some applications house a bug called ‘Fleeceware’, which come with hidden, excessive subscription fees. The makers of these apps try their best to hide these hidden charges using various techniques so that the users unwittingly end up paying money to the tricksters.

"There are some applications we pay subscription for and don't require OTPs. There are some International vendors who doesn't require OTPs. These things are mentioned in the apps' terms and conditions. That is why it’s necessary to read the terms and conditions carefully," Pawar said.

The cyber expert also added that people should take precautions while paying for applications on Google Play store and Apple app store by thoroughly checking the terms of service and the payment model. Monitor the various apps' subscription details for any suspicious charges. The cyber expert also said that by merely deleting suspected Fleeceware apps may not spare you from the hidden charges. You might need to manually unsubscribe from the app by visiting the subscription details page.

(To receive our E-paper on whatsapp daily, please click here. We permit sharing of the paper's PDF on WhatsApp and other social media platforms.)

Free Press Journal