<p>Some of the most frequent online scams taking place in India include frauds through UPI, credit and debit cards, and more recently, the ‘fedex’ kind of scams. All of these involve an element of social engineering, or tricking the victim into authorising payments to scammers.</p>.<p>An example is what happened with a banking executive here in Bengaluru. The person received a WhatsApp message from a friend urgently asking for Rs 25,000. “Once I transferred the money, I received another WhatsApp message asking for more money. That’s when I realised this was a scam”, the banking executive said.</p>.No clues on loan app scam suspects in 37% of cases.<p>This person’s friend is unsure how her WhatsApp was hacked. By the looks of it, a hacker registered a WhatsApp account with the friend’s phone number. To do this, a hacker likely pretended to be a telecom operator who tricked the victim into dialling a certain code to forward calls to another network for ‘better connectivity’.</p>.<p>This will only forward victim’s calls to the hacker who can then register a WhatsApp account with the victim’s phone number by getting the WhatsApp registration unique code via call. In this way WhatsApp can be activated on the hacker’s phone, and will be deactivated on the person’s account.</p>.<p><strong>Credit/debit scams</strong></p>.<p>Just as you are about to complete a transaction online you might get a call from a scammer posing as a bank executive or the shop you were trying to buy something from. There are people who actually share their debit/credit card number, CVV, PIN, and OTP to authorise transactions. And this is where the need for better financial literacy comes in. Once the hackers have this information, they don’t necessarily need the OTP but can use the debit/credit card number, CVV, and PIN to initiate transactions from your account.</p>.<p>How does the scammer know you are about to buy something online? It could be that the victim unknowingly clicked on a suspicious link received via email, SMS or via social media that downloaded malware that lets hackers remotely monitor all keys you are pressing, thereby able to track your phone activity.</p>.<p>Courier or ‘Fedex’ scams are also becoming a highly popular tactic. A gang of scammers posing as Fedex executives and police personnel or customs authorities scare victims by threatening imprisonment, saying that a package in their name contains drugs. The victims, out of sheer fear, start cooperating, even isolating themselves in a form of ‘digital arrest’ then stripping for a virtual ‘narcotics test’ interrogation which scammers record then threaten to leak online if their ransom demands are not met.</p>.<p><strong>How can you stay safe?</strong></p>.<p>“It will be helpful if victims are transparent about how they were hacked”, says cybersecurity expert Ritesh Bhatia. “Most victims never share the full story. They will only say ‘I shared my OTP then I was hacked’. This is never the case since hackers need far more information like CVV, and PIN to conduct unauthorised transactions”, said Bhatia. </p>.<p>Please remember that ‘Digital arrest’ is a fake concept created by scammers. The police cannot conduct an online interrogation or arrest you via the internet. When you lose money, act within the ‘Golden Hour’. You have the best chance of retrieving your money if you inform authorities within an hour of the incident.</p>.<p>Tell your bank to block your cards. It is advisable to visit the nearby police station or cybercell and file a complaint within an hour of the incident. It creates more urgency. The earlier you complain, the earlier the police can work with the banks to stop the scammer from transferring your money to a third or fourth account.</p>.<p>Currently the police across cities are dealing with understaffed cybercrime cells and a backlog of complaints. So remember to act fast.</p>.<p>Or call 1930, which is the official cybercrime number, and lodge a complaint. Money stolen is usually money lost forever but at least there is a record of the scam in the national database and will help inform future prevention plans.</p>.<p>Try not to share your number with every business that asks for your number. Most organisations sell customer phone numbers, with your phone number eventually ending up in the hands of scammers.</p>.<p><em>(The author is a freelance journalist. The views are her own)</em></p>
<p>Some of the most frequent online scams taking place in India include frauds through UPI, credit and debit cards, and more recently, the ‘fedex’ kind of scams. All of these involve an element of social engineering, or tricking the victim into authorising payments to scammers.</p>.<p>An example is what happened with a banking executive here in Bengaluru. The person received a WhatsApp message from a friend urgently asking for Rs 25,000. “Once I transferred the money, I received another WhatsApp message asking for more money. That’s when I realised this was a scam”, the banking executive said.</p>.No clues on loan app scam suspects in 37% of cases.<p>This person’s friend is unsure how her WhatsApp was hacked. By the looks of it, a hacker registered a WhatsApp account with the friend’s phone number. To do this, a hacker likely pretended to be a telecom operator who tricked the victim into dialling a certain code to forward calls to another network for ‘better connectivity’.</p>.<p>This will only forward victim’s calls to the hacker who can then register a WhatsApp account with the victim’s phone number by getting the WhatsApp registration unique code via call. In this way WhatsApp can be activated on the hacker’s phone, and will be deactivated on the person’s account.</p>.<p><strong>Credit/debit scams</strong></p>.<p>Just as you are about to complete a transaction online you might get a call from a scammer posing as a bank executive or the shop you were trying to buy something from. There are people who actually share their debit/credit card number, CVV, PIN, and OTP to authorise transactions. And this is where the need for better financial literacy comes in. Once the hackers have this information, they don’t necessarily need the OTP but can use the debit/credit card number, CVV, and PIN to initiate transactions from your account.</p>.<p>How does the scammer know you are about to buy something online? It could be that the victim unknowingly clicked on a suspicious link received via email, SMS or via social media that downloaded malware that lets hackers remotely monitor all keys you are pressing, thereby able to track your phone activity.</p>.<p>Courier or ‘Fedex’ scams are also becoming a highly popular tactic. A gang of scammers posing as Fedex executives and police personnel or customs authorities scare victims by threatening imprisonment, saying that a package in their name contains drugs. The victims, out of sheer fear, start cooperating, even isolating themselves in a form of ‘digital arrest’ then stripping for a virtual ‘narcotics test’ interrogation which scammers record then threaten to leak online if their ransom demands are not met.</p>.<p><strong>How can you stay safe?</strong></p>.<p>“It will be helpful if victims are transparent about how they were hacked”, says cybersecurity expert Ritesh Bhatia. “Most victims never share the full story. They will only say ‘I shared my OTP then I was hacked’. This is never the case since hackers need far more information like CVV, and PIN to conduct unauthorised transactions”, said Bhatia. </p>.<p>Please remember that ‘Digital arrest’ is a fake concept created by scammers. The police cannot conduct an online interrogation or arrest you via the internet. When you lose money, act within the ‘Golden Hour’. You have the best chance of retrieving your money if you inform authorities within an hour of the incident.</p>.<p>Tell your bank to block your cards. It is advisable to visit the nearby police station or cybercell and file a complaint within an hour of the incident. It creates more urgency. The earlier you complain, the earlier the police can work with the banks to stop the scammer from transferring your money to a third or fourth account.</p>.<p>Currently the police across cities are dealing with understaffed cybercrime cells and a backlog of complaints. So remember to act fast.</p>.<p>Or call 1930, which is the official cybercrime number, and lodge a complaint. Money stolen is usually money lost forever but at least there is a record of the scam in the national database and will help inform future prevention plans.</p>.<p>Try not to share your number with every business that asks for your number. Most organisations sell customer phone numbers, with your phone number eventually ending up in the hands of scammers.</p>.<p><em>(The author is a freelance journalist. The views are her own)</em></p>