In the last blog post, we saw how financial fraudsters can work in a dynamic environment and steal data. They have improved their hacking and sabotaging skills and are mastering them like professionals. As we have already learned about phishing links, frauds using online selling platforms, vishing calls, ATM card skimming, and frauds due to download of unknown/ unverified mobile apps, we will now discover other ways financial fraud can be committed using fraudulent transactions in a bank environment. To understand how they work and how we can prevent ourselves from these let’s look at the following:

1. Frauds using Remote Access/ Screen Sharing App

Modus Operandi

1. This type of attack is somewhat similar to an embedded download attack or the infamous spyware in the news, Pegasus. The scammer tricks the targeted consumer/ user to download screen sharing applications, which can later be accessed and controlled to use and watch the activities on the targeted device (laptop and/or phone), this helps in gaining access to the financial credentials of the prey.

2. Once these financial credentials have been obtained, they can be used for making online payments or accessing internet banking.

Precaution:

To keep the customers up-to-date and safe the booklet on modus operandi of financial fraudsters issued by the office of Reserve Bank of India (RBI) Ombudsman, Mumbai, suggests that users of digital banking should not download and activate/use any unknown apps or share screens with unknown people.

2. SIM Cloning/ SIM Swap

Modus Operandi

1. Subscriber Identity Module or Subscriber Identification Module is commonly known as SIM is used in account details and authentication is connected to the SIM or the registered mobile number. The scammer in this case obtains access to the SIM card or creates a duplicate SIM card for carrying out fraudulent activities by using the OTP received on such fake SIM cards.

2. Scammers usually pretend to be mobile network/personal phone to call customers and ask for details to provide a free SIM card upgrade from 3G to 4G or to provide additional discounts on SIM cards.

Precaution:

To keep the customers up-to-date and safe the booklet on modus operandi of financial fraudsters issued by the office of Reserve Bank of India (RBI) Ombudsman, Mumbai, suggests that a user must never share his/her credentials about the SIM card. Also, any suspicious activity must be looked out for, there is no service or network on the phone for a long time even in regular circumstances, and the operator must be contacted and made sure that another SIM is not being used or issued.

3. Frauds by compromising credentials on results through Search Engines

Modus Operandi

1. It has been observed that customers use search engines to obtain the detailed contact information of their banks, insurance companies, Aadhar Update Center, etc., and may eventually contact unknown/unverified contact numbers that appear in the engine search. These contact numbers might look authentic but are just scammers waiting to loot data.

2. These search engine contact details are often disguised by scammers to attract victims and lure them into using the said numbers.

3. Once the customer calls them, the imposter will ask the customer to provide their card details/ credentials for verification to make the call seem authentic but they are just scamming.

4. Assuming this contact is real, people will destroy your security data and will fall victim to fraud.

Precaution:

To keep the customers up-to-date and safe the booklet on modus operandi of financial fraudsters issued by the office of Reserve Bank of India (RBI) Ombudsman, Mumbai, suggests that a user must refrain and avoid looking for customer service contact information in search engines. They are usually disguised as scammers. Individuals should always search the official website of the bank/ company for contact information.

4. Scam through QR scan

Modus Operandi

1. A scam done under the pretext of a sake QR code. Scammers often use various excuses to contact customers/ targeted users to persuade them to scan the QR code using a payment application. This allows scammers to withdraw funds from the accounts of customers.

Precaution:

To keep the customers up-to-date and safe the booklet on modus operandi of financial fraudsters issued by the office of Reserve Bank of India (RBI) Ombudsman, Mumbai, suggests that a user must be careful when using paid apps to scan any QR code. Account details are embedded in the QR code, which is used to transfer the amount to a specific account.

5. Impersonating through Social Media

Modus Operandi

1. Scammers created fake accounts on popular social media platforms such as Facebook, Snapchat, Twitter, and Instagram among others. They send a request to your friend asking for emergency medical purposes, payment, etc.

2. Scammers will also gain trust for some time and use private information for extortion in the future

Precaution:

To keep the customers up-to-date and safe the booklet on modus operandi of financial fraudsters issued by the office of Reserve Bank of India (RBI) Ombudsman, Mumbai, suggests that a user must not make unknown online payments or transact with people whose identity seems suspicious. The best way can be by not sharing confidential and personal information online via Social Media Applications/ platforms. Another thing to keep in mind is that one must always verify the genuineness of the fund request with the friend/ relative or confirm by a phone call / physical meeting to be sure that the profile is not fake or impersonated.

6. Juice Jacking

Modus Operandi

1. It is known that the charging port of a mobile phone can be used for more than just changing one’s device, it can also be used for the transfer of data/ files.

2. Juice jacking is a type of network theft where once a targeted user’s phone is connected to unknown/ unverified charging ports, unknown applications/ malware will be installed. Scammers can control/ steal confidential data/ access, emails, SMS, and save passwords and other important data.

Precaution:

To keep the customers up-to-date and safe the booklet on modus operandi of financial fraudsters issued by the office of Reserve Bank of India (RBI) Ombudsman, Mumbai, suggests that a user must at all costs avoid using public charging stations/ cables and ports. They are a breeding hazard to data on one’s phone.

7. Lottery Fraud

Modus Operandi

1. The scammer sends an email or phone to say that the targeted user/ prey just won a huge lottery ticket. However, to receive the money, the target needs to verify the identity via the bank account/ credit card verification on their fake website, and then eventually get the details from the target. It is a very common method of scamming people.

2. In some cases, scammers require advance payment of taxes or payment of fees, such as shipping and handling fees, to receive lottery tickets/ products. This might make the target believe that the scammer is not a fake scheme maker but this can also act as a warning signal for the users/ targets.

3. Since the requested money is only a small part of the lottery/ bonus, victims can fall for the scammers' trap and pay. And then the scammer is nowhere in sight.

Precaution:

To keep the customers up-to-date and safe the booklet on modus operandi of financial fraudsters issued by the office of Reserve Bank of India (RBI) Ombudsman, Mumbai, suggests that a user must not pay for lottery calls/emails or share security credentials. When one encounters such an amazing lottery or discount, always hesitate and decline because chances are, the target is going to be looted.

8. Online Job Fraud

Modus Operandi

1. Fake job search portals have been created by fraudsters. When victims share bank account/ credit/ debit card security credentials to register on these sites, account information will be stolen and used for notorious purposes.

2. In some cases, the scammers disguised themselves as officials from well-known companies and confirmed their choices after conducting fake interviews. The victim was induced to pay the mandatory training program and other expenses.

Precaution:

To keep the customers up-to-date and safe the booklet on modus operandi of financial fraudsters issued by the office of Reserve Bank of India (RBI) Ombudsman, Mumbai, suggests that a user must always keep in mind that an authentic company will never ask for any money during the recruitment process. A user must also refrain from making any online transactions to any unknown/ unverified job portals or agencies.

With having discussed so many more forms of financial frauds committed by fraudsters in the bank environment, and how to protect ourselves, we shall now be better prepared against them. In the next part which will be a continuation of this piece, we shall look and delve deeper into financial fraudsters committing fraud in the Non- Banking Financial Company environment.