UPI, Payment Wallet Fraud Alert! What are rogue banking apps and how to spot them? Know the safety tips
Rogue banking apps are illegitimate or look-alike banking apps with embedded malware with an intention to steal sensitive/critical data or banking credentials.
Fraudsters misuse the request feature on UPI by sending fake payment requests with messages like Enter your UPI PIN to receive money, Payment successful receive Rs XXXXX, etc. The customers need to enter PIN only for sending money. Do not Pay or enter your UPI PIN to receive money. Do not transfer funds without knowing to whom you are transferring. Ensure due diligence
Fraud via QR Code
Similarly, fraudsters share a QR code over WhatsApp asking for the code to be scanned to receive money in their account. Once the QR code is scanned on the mobile, all the banking credentials get shared with the fraudsters. QR code scanning is like granting banking controls to fraudsters. QR code needs to be scanned only to make payments. So, never scan QR code for receiving payments. Never share your UPI wallets PIN, card details like PIN, One-Time Password (OTP), CVV, expiry date, grid value, types of card (Visa, Mastercard, Rupay, etc.) to anyone even if the person claims to be from bank.
At the same time, fraudsters lure the customers to download screen sharing/remote access apps like ’Screenshare’, 'AnyDesk', ‘Team Viewer’, etc. from Play Store or App Store. There are more apps similar to these apps that help in providing remote access of devices to other users. These apps are not malware, but they do grant access to your mobile data to a third party. Once the app is downloaded, a 9 or 10-digit number (app code) gets generated on the customer's mobile/ device which the fraudster would ask the customer to share.
Once the fraudster inserts this 9-digit app code on his/her device, then s/he would ask the customer to grant certain permissions which are similar to what is required while using other apps. Post this, the fraudster will gain access to the customer’s device. Then, the customer shares the mobile app credentials and the fraudster can do the transaction through the mobile app which is already installed on the customer’s device. So, never download third-party apps such as Screenshare, Anydesk, Teamviewer, etc. based on-call requests from an unknown person even if the caller claims to be from Bank or wallet company. Never download any application/ UPI app/ payment wallet recommended/ requested by any unknown person.
Fraud via Social Media
Moreover, fraudsters track complaints in social media and share fake contacts or impersonate bankers or RBI officials in response to a post and ask for confidential information which no banker is supposed to ask for. Do not search for helpline numbers on Google, Facebook, Twitter. Instead, check the official website.
Likewise, fraudsters manage to get a duplicate SIM, which provides them access to one-time passwords. They do this by pretending to be from a mobile company and asking you to forward an SMS containing the SIM card number to activate the duplicate SIM. Do not respond to texts, e-mails from unknown addresses to click on links.
See Zee Business Live TV Streaming Below:
Rogue Banking Apps
Rogue banking apps are illegitimate or look-alike banking apps with embedded malware with an intention to steal sensitive/critical data or banking credentials. These may be generally available online as freeware.
Cybercriminals are known to imitate legitimate versions of apps and embed them with mobile malware – an act called Trojanizing. These malicious apps are designed to look like real mobile banking apps. Cybercriminals use different tricks like using the same images and icons and closely imitating the publisher’s name
Some rogue mobile apps may come with well-written legal terms usually highlighting the fact that the app may charge you. Even if these legal terms make the app seem legit, its best you read them carefully.
The rogue app can drain your phone battery really fast. So, battery running low frequently might be a sign of infection with malware or virus. Check your phone bill periodically and keep tabs on any suspicious activity. If you spot unusual activity in your phone or in your bill, contact your mobile network provider. Check the app’s download page for inconsistencies or misspellings. Those are tell-tale signs of a fake.
Get Latest Business News, Stock Market Updates and Videos; Check your tax outgo through Income Tax Calculator and save money through our Personal Finance coverage. Check Business Breaking News Live on Zee Business Twitter and Facebook. Subscribe on YouTube.
RECOMMENDED STORIES
Rs 3,500 Monthly SIP for 35 years vs Rs 35,000 Monthly SIP for 16 Years: Which can give you higher corpus in long term? See calculations
Small SIP, Big Impact: Rs 1,111 monthly SIP for 40 years, Rs 11,111 for 20 years or Rs 22,222 for 10 years, which do you think works best?
Power of Compounding: How long it will take to build Rs 5 crore corpus with Rs 5,000, Rs 10,000 and Rs 15,000 monthly investments?
01:12 PM IST