Digital India push has prompted more and more Indians, even first-time internet users and senior citizens, to opt for digital payments. The effort, combined with payment solutions like Paytm, has made it relatively easy to pay for products/services online. But, at the same time, it has also triggered a wave of serious OTP-based scams and frauds.
What is an OTP fraud
As many know, digital payment transactions, carried out via credit/debit card or net banking, rely on a unique numeric code called OTP or one-time-password. It is delivered via text message and is required for authenticating online transactions, wallet payments. However, as it turns out, online fraudsters have been coming up with ways to get their hands on the confidential OTP and wipe accounts clean.
They use social engineering to steal OTPs
Fraudsters use a range of techniques to social engineer their targets and steal their OTPs and finances. It’s a major security threat for elderly and first-time internet users but can easily be avoided with a few basic steps.
Never share OTP with anyone
The first step is what you may have already heard from your bank and payments services – never share OTP. No matter who calls you, never give away your confidential one-time-password over call, WhatsApp or email. Official services like banks never ask for OTP, which means that the person asking for your OTP is trying to get dupe you.
Be aware of source and amount details
In order to dodge OTP frauds, you’d have to be aware of minute but important details. First, while making a payment and entering OTP, be sure to double-verify the amount that is going to be debited as well as the name of the merchant receiving the payment. If the source doesn’t look credible/authentic or amount is different, cancel the transaction immediately.
Receiving money doesn’t require OTP :
Along with merchant details, you should also remember that OTP is required to be entered only for making payments, not for receiving money.There have been various cases where people hoping to receive funds have been duped by fraudsters claiming that they have to share the OTP received on their phone in order to complete receiving the payment.
Don’t use suspicious apps
Faudsters also use rigged apps to steal OTPs and card details from users. For instance, an app could pose as a calculator but actually share your screen with the fraudsters, giving them all the information (card numbers, CVV, OTPs) they need to steal money from your account. Some apps may even initiate fake transactions to phish you into giving away the same data.
Contact official customer service numbers only
Mr.Mukesh Chaudhary, CEO of Cyberops co. said that you should also be very careful while raising issues with customer services – and use official sites only. Fraudsters can create fake help lines or twitter pages of renowned services to trick users into getting in touch with them for issues like refund or cash back and giving away their details.Some scammers have even tweaked Google Maps’ publicly-sourced data to conduct this kind of fraud.