Fraud Alert: Hackers After Your Banking Details; Here Is How To Spot Fake QR Codes, Links & Rogue Apps

NEW DELHI: Cybercriminals are constantly seeking new ways to steal your money. Rogue banking apps, spoof banking apps, QR codes, and transaction links packed with malware are designed to steal sensitive/critical data or banking credentials.

Fraudsters make use of UPI’s request feature by making bogus payment requests with messages such as “Enter your UPI PIN to receive money,” “Payment successful receive Rs XXXXX,” and so on. Customers must input their PIN only while sending money. To receive money, do not pay or provide your UPI PIN. Transfer monies only if you know to whom you are transferring them. Make sure you’re doing your homework.

FRAUDS WITH QR CODE:

Similarly, fraudsters send a QR code via WhatsApp, requesting that it be scanned in order for money to be deposited into their account. When the QR code is read on a mobile device, the fraudsters gain access to all of the user’s banking details. Scanning QR codes is akin to giving thieves access to your bank account. Only to make payments does a QR code need to be scanned. As a result, never use a QR code to receive payment. Even if the person claims to be from the bank, never give out your UPI wallet PIN or card details such as PIN, One-Time Password (OTP), CVV, expiration date, grid value, or card kinds (Visa, Mastercard, Rupay, etc.) to anybody.

Simultaneously, con artists entice clients to download screen sharing/remote access apps from the Play Store or App Store, such as ‘Screenshare,’ ‘AnyDesk,’ ‘Team Viewer,’ and so on. There are additional apps that work in a similar way to provide remote access to devices to other users. These apps aren’t malicious, but they do provide third party access to your mobile data. Once the app is downloaded, the customer’s mobile/device generates a 9 or 10-digit number (app code), which the fraudster will ask them to disclose.

Once the fraudster has inserted the 9-digit app code into the customer’s smartphone, the fraudster will ask the user to provide permissions identical to those necessary when using other apps. The fraudster will then be able to access the customer’s device. The customer then gives the customer’s mobile app credentials, allowing the fraudster to complete the transaction using the app that is already loaded on the client’s smartphone. So, even if the caller claims to be from a bank or wallet firm, never download third-party programmes like Screenshare, Anydesk, Teamviewer, or others based on-call requests from an unknown individual. Never download any app/UPI app/payment wallet that has been recommended or asked by an unknown person.

FRAUD VIA SOCIAL MEDIA 

Furthermore, scammers monitor complaints on social media and share bogus connections or impersonate bankers or RBI officials in response to a post, requesting personal information that no lender should ask for. Do not use Google, Facebook, or Twitter to look for helpline numbers. Check the official website instead.

Fraudsters can also obtain a replica SIM card, which gives them access to one-time passwords. They do this by impersonating a cell business and requesting that you forward an SMS containing the SIM card number in order to activate the cloned SIM. Do not click on links in texts or e-mails from unknown senders.

ROGUE BANKING APPS:

Rogue banking applications are unauthorised or cloned banking apps that contain malware designed to steal sensitive/critical data or banking credentials. These may be freely available on the internet.

Trojanizing is a technique used by cybercriminals to replicate legal versions of apps and incorporate mobile malware in them. These rogue apps are made to resemble legitimate mobile banking apps. Cybercriminals employ a variety of techniques, including the use of similar graphics and icons, as well as a strong resemblance to the publisher’s name.

Some fraudulent mobile apps may include well-written legal clauses that emphasise the app’s ability to charge you.

Even if these legal phrases appear to be legitimate, you should examine them carefully.

The rogue app can quickly deplete your phone’s battery. As a result, a battery that runs low regularly could be a symptom of malware or virus infection. Check your phone bill on a regular basis and keep an eye out for any unusual activities. Contact your mobile network operator if you notice unusual activity in your phone or on your bill. Look for discrepancies or misspellings on the app’s download page. That is a telltale indicator of a forgery.