BE (A) WARE
A BOOKLET ON MODUS OPERANDI OF FINANCIAL FRAUDSTERS
OFFICE OF THE RBI OMBUDSMAN (MUMBAI-II)
MAHARASHTRA AND GOA
Reserve Bank of India
Table of Contents
Preface
There has been a sizable surge in usage of digital modes of payment during the recent years. This has not only led to improved customer convenience, but also contributed to achievement of national objective of financial inclusion to a great extent. As the ease of doing financial transactions improved, the number of frauds in retail financial transactions have gone up. Fraudsters have been using innovative methods to defraud the hard-earned money of common and gullible people, especially new entrants who are not entirely familiar with the techno-financial eco-system.
In compiling this booklet, the sole objective has been to pack between its covers maximum possible extent of practical information of real value, especially for those who are inexperienced in financial transactions. It is not just a collection of incidents, gathered at random from various sources, but a meticulously compiled document from the variety of complaints received at offices of Banking Ombudsman. This booklet is an attempt at creating awareness among public about the modus operandi of the fraudsters, while also providing some inputs about precautions to adopt while carrying out financial transactions. This booklet emphasizes the need to keep one’s personal information safe, beware of unknown calls/emails, practicing due diligence while performing financial transactions and changing the secure credentials/ passwords from time to time. Hence the title BE(A)WARE – Be Aware and Beware!
This booklet is part of the public awareness building initiative by this Office.
Modus Operandi and Precautions to be taken against Fraudulent Transactions – Banks
1. Phishing Links
Modus Operandi
➢ Fraudsters create a third-party website which looks like existing genuine website, such as bank’s website or e-commerce website or search engine, etc.
➢ These links are generally circulated by fraudsters through SMS / social media / email / Instant Messenger, etc.
➢ Most of the time, customers enter secure credentials by just having a glance and clicking at the link but not checking the detailed URL.
➢ The links are masked through authentic looking names of websites, but in reality, the customer gets redirected to phishing website.
➢ When customers enter secure credentials on these websites, the same is captured and used by the fraudsters.
Precaution
One should not click unknown links and should delete the SMS / email immediately to avoid accessing them in future. Care should be taken to verify the website details especially where it requires entering financial credentials.
2. Vishing Calls
Modus Operandi
➢ Imposters call or approach the customers through telephone call / social media as bankers / company executives / insurance agents / government officials, etc., and seek confirmation of the secure credentials by sharing few details such as name or date of birth to gain confidence.
➢ In some cases, the imposters pressurize / trick customers into urgently / immediately sharing confidential details citing
emergency, details required to block transaction, payment required to stop penalty, get attractive discount, etc. These credentials are then used to defraud the customers.
Precaution
Bank officials / financial institutions / any genuine entity never ask customers to share confidential information such as username / password / card details / CVV / OTP.
3. Frauds using Online Selling platforms
Modus Operandi
➢ Fraudsters pretend to be buyers on online selling platform & show interest in your product.
➢ Instead of paying money to you, they use “request money” option through UPI app and insist to approve the request to pull money from your bank account. Please enter PIN to receive money!!
Precaution
➢ One should be careful while making financial transactions for online products.
➢ Always remember, to receive money there is no need to enter your PIN / password anywhere.
➢ If UPI or any other app asks you to enter your PIN to complete transaction, it means you will end up sending money instead of receiving it.
Table of Contents
| Subject | Page No | |
| Preface | 1 | |
| Part – A- Modus operandi of fraudulent transactions- Banks | 2 | |
| 1 | Phishing links | 3 |
| 2 | Vishing calls | 4 |
| 3 | Frauds using Online Selling platforms | 5 |
| 4 | Frauds due to unknown / unverified mobile apps | 6 |
| 5 | ATM card skimming | 7 |
| 6 | Frauds using screen sharing app / Remote access | 8 |
| 7 | SIM swap / SIM cloning | 9 |
| 8 | Frauds by compromising credentials on results through search engines | 10 |
| 9 | Scam through QR code scan | 11 |
| 10 | Impersonating through social media | 12 |
| 11 | Juice Jacking | 13 |
| 12 | Lottery Fraud | 14 |
| 13 | Online Job Fraud | 15 |
| Part B- Modus operandi of fraudulent transactions-NBFCs | 16 | |
| 1 | Fake Advertisements for extending loan by Fraudster Company | 17 |
| 2 | SMS / Email / Instant Messaging / Call Scam | 18 |
| 3 | OTP based fraud | 19 |
| 4 | Fake Loan websites / App Frauds | 20 |
| 5 | Money circulation/Ponzi/Multi-Level Marketing (MLM) Schemes Fraud | 21 |
| 6 | Fraudulent loans with forged documents | 22 |
| Part -C – General Precautions to be taken for financial transactions | 23 | |
| Glossary | 30 |
