 "fraud")
Have you been a victim of OTP frauds? Worry no more. The Home Ministry, SBI Cards and Payment Services Ltd (SBI Card), and telecom operators are joining forces to combat the rising issue of OTP theft and the broader threat of cyber fraud targeting the banking sector, according to a report by ET.
What is the modus operandi of OTP fraud?
According to International Safety Equipment Association (ISEA), OTP fraud exploits the security feature designed to protect online transactions — One Time Passwords (OTPs). Here’s how fraudsters operate:
Impersonation: They might call or meet potential victims while pretending to be company executives or official agents, offering:
Free gifts, discounts, or special offers
Also Read
Easy loan approvals
KYC updates
Increased credit limits
Malware: Sending links laden with malware that, once downloaded, can intercept OTPs.
Social engineering: Convincing people to disclose their OTP under various pretexts, such as confirming the cancellation of an erroneously placed order.
What are the dangers?
— Financial loss
— Data breaches
— Malware attacks
— Hacking of mobile devices and computers
What is the government doing about it?
The government, along with SBI Card and telecom companies, is developing a solution to monitor discrepancies between a customer's registered address and the OTP delivery location.
Potential measures include:
Real-time alerts: Notifying customers of discrepancies between their SIM's location and the geolocation of OTP delivery.
Blocking OTPs: In cases where fraudulent activity is suspected, OTPs could be blocked to prevent misuse.
According to media reports, this initiative is currently in a testing phase, aiming to utilise telecom databases to ensure the correct geographical delivery of OTPs. The system will compare the geolocation data with the customer's registered home address, enhancing security measures against cyber fraud.
What must you do to prevent yourself from being duped?
In light of the significant amount of cyber fraud reported by the Indian Cyber Crime Coordination Centre (i4C), it's crucial to adopt stringent personal security measures. Between April 2021 and December 2023, cybercriminals, predominantly from China, Cambodia, and Myanmar, managed to siphon off as much as Rs 10,319 crore. The establishment of the 'Citizen Financial Cyber Fraud Reporting and Management System' under i4C has notably blocked about Rs 1,200 crore in fraudulent transactions, responding to over 470,000 complaints from citizens up until February 2024. In 2023 alone, 1.12 million complaints were registered, highlighting fraudulent transfers amounting to Rs 7,488 crore.
How can you protect yourself from cyber fraud? ISEA suggests
1. Be wary of SMS and emails: Avoid clicking on links or downloading attachments from unknown sources. Treat any request for personal information or OTPs with suspicion.
2. Update banking apps and phone software: Ensure that you are using the latest version of your banking applications and keep your smartphone's operating system and apps updated to incorporate the latest security patches.
3. Use official app stores: Only download apps from trusted sources like the Google Play Store or Apple App Store to reduce the risk of malware.
4. Stay informed: Regularly check news for updates on cybersecurity threats and familiarise yourself with your bank’s security guidelines through their official website.
5. Enable Two-Factor Authentication (2FA): Add an extra layer of security to your banking accounts by enabling 2FA, which requires not only your password but also something only you have access to, like a one-time password or a mobile app.
6. Verify unexpected calls: If you receive a call from someone claiming to be from your bank, be cautious. Hang up and call back using a phone number you trust, such as one from the bank’s official website, to verify the legitimacy of the call.
7. Secure your Wi-Fi connection: Avoid using public Wi-Fi networks for financial transactions. Ensure your home network is secure and encrypted to protect your online banking activities.
