7 am-7 pm: The business hours of digital fraudsters, says HDFC Bank

65%-70% of cyber frauds happen during banks' business hours since fraudsters want to gain the trust of their victims and sound convincing, said an HDFC Bank executive

online scam, online fraud — Representational image

4 min read Last Updated : Sep 30 2021 | 10:35 PM IST

During the peak of the economic boom in late 2000, many banks offered 8 am to 8 pm banking services to their customers. As digital transactions gained traction in the following decade, so has online fraud. An analysis of such online frauds shows that the preferred time for the operation of fraudsters is also during the peak business hours – 7 am to 7 pm.

A fraud dispute time analysis for the first three months of the current financial year by HDFC Bank – the largest private sector lender of the country – shows 70% of the frauds happened during 7 am to 7 pm. According to the bank, digital frauds have seen a makeover since the beginning of the pandemic and are now becoming sophisticated enough to gain people's trust.

There has been an increase in online mode of payments as compared to physical and paper-based instruments, data from Reserve Bank of India showed. Digital payment systems recorded a growth of 26.2 per cent in terms of volume during 2020-21 on top of 44.2 per cent rise in the previous year.

“These scammers do not rely much on technical ways such as hacking to defraud people,” said Manish Agarwal, Head - Risk Intelligence and Control, HDFC Bank.

“In fact, most of the frauds now happen through social engineering. The fraudsters are well aware of current affairs, regulations, etc. and use them as their theme to target customers,” Agarwal told Business Standard in an interaction.

According to Agarwal, fraudsters are generally concentrated in geographies around the metros and urban centres. This is primarily because law enforcement agencies' reach is strong in metro centres.

Social engineering is the preferred modus operandi of the fraudsters, as their scripts are generally themed around greed, help, threat and commerce.

They lure the customer with a lottery (greed); promise to help the customer to redeem card points; warn the customer to update KYC else the account will be deactivated (threat). There are also instances when the customer initiates a transaction (commerce) by ordering online from an unverified site (liquor for instance) and thereby falling prey to fraudsters.

“65%-70% of cyber frauds happen between 7 am and 7 pm since fraudsters want to gain the trust of their victims. Calling during working hours make their offers appear more convincing and customers often fall prey to them as the calls appear legitimate,” Agarwal said while explaining the rationale behind the timing.

Another interesting point revealed by the analysis is that as many as 80-85% of the affected customers are in the age group 22-50, who supposedly belonged to the more tech savvy age bracket.

“While, technically, almost 80-90% of frauds happen due to customer negligence, many times customers get defrauded even without sharing confidential information,” Agarwal said.

Fraudsters, on the pretext of helping their targets, are now making victims download certain genuine applications (app) and gaining access to their phones. Hence, without even asking their targets, fraudsters are gaining access to confidential information through these legitimate apps.

“For instance, there are genuine apps which are used by IT professionals to service their customers in different locations. Through these apps, they take control of their customers' laptops/phones in order to mend and resolve issues,” Agarwal added.

Apart from asking customers not to share OTP, PIN and other confidential information, HDFC Bank is also asking them not to click any unknown links and make payments on unrecognised e-commerce platforms.

The home ministry has operationalized a centralised helpline number, 155260, and a reporting platform where victims can report incidents of cyber fraud. The helpline is manned by respective state police and reported incidents are handled through the Citizen Financial Cyber Fraud Reporting and Management System, which is integrated with law enforcement agencies, banks, and financial institutions.

Agarwal said HDFC Bank is asking customers not to click any unknown links and make payments on unrecognised e-commerce platforms.

“Customers are also being made aware that if someone is promising to send money, it does not require them to share any type of authorisation or PIN authentication,” Agarwal added.