How to protect yourself from an SMS Bank fraud ?

source

Mr. Jay (Name changed to maintain anonymity) received an sms informing him that he needs to update his KYC (know your customer) details with his bank.
Following this he received a link via a subsequent sms asking him to update his KYC credentials.
Mr. Jay retired from a bank as a senior manager so is well versed in the process of the bank updating the KYC of their account holders.

He clicked the link and a form opened up.
He entered his details such as name, ID, bank account number, and bank details.
As soon as he submitted the form he received an OTP (One Time Password) on his mobile.

Soon after he received a call from a person claiming to be working in the KYC department of the bank.
The sweet-talking person seemed extra helpful and asked Mr. Jay for the OTP.

This made Mr Jay suspicious and he did not provide the OTP moreover he disconnected the call and did not pick up the call from that number.

A chain of horrible events was beginning to roll out.

Then he received an sms informing him that a large sum of money had been withdrawn from his bank account.
Within the next 15-20 minutes he received a number of SMSes informing him that money has been withdrawn from his other bank accounts.
He rushed to the police station to lodge the complaint of cyber fraud that he had experienced firsthand.
As of now the police are investigating the crime and trying to dig up any leads.

What is an SMS scam

This is a common type of scam where a person receives an SMS asking him to furnish his KYC and when he responds by clicking on the link he is led to a spoofed site resembling his bank site.
Once a user fills in his personal and financial information a malicious program or script running in the background captures the data and tries to log in to the genuine bank site. Therefore the OTP generation gets triggered.

The scammer then calls up and tries to persuade the bank account holder to give out the OTP.
Nowadays some scammers are so smart that the software they use automatically reads the sms and passes on the information to them as long as there is an internet connection and net banking enabled for the user.

Is Mr. Jay’s case an isolated incident that we read in the Newspaper and forget?

Mr Jay’s case is not an isolated one we are all at risk of being defrauded in this manner

What could one do to protect ourselves from such a scam?

Let us rewind to the time when this event unfolded.

Be in the right frame of mind

Please understand that online scams are real and happen more frequently than we can imagine. Every other person is being targeted.
Be prepared for every eventuality and have a plan of action if someone approaches you.

What kind of plan of action could one have?

While opening a bank account

In case your bank needs you to link your mobile number to your bank account then as far as possible use a number that you use exclusively for banking.
These days Web 2.0 social media accounts Facebook, twitter, etc often prompt you to link your mobile account with your social media account.
Keep this mobile number separate from your mobile number used for banking.

A lot of time scammers harvest social media accounts for mobile numbers or use random numbers to send out messages.
Either way, keep the banking number and the social media account-linked mobile numbers separate.

Your bank mobile number should be a private one

Keep your bank-related mobile number as a private number and do not share it or put it on your business card.
So if you get the message on your mobile number related to your social media account then you can see this as a warning that this could be a scam.

Use the speed dial of your phone

Every bank has a number to report a scam or fraud. Keep this number on speed dial. In case you are being targeted.

Often we are slow to react and comprehend what is happening to us.
As a result, we lose valuable time.
Do keep the number of police as well as the cybercrime department on speed dial.
In most cases, such complaints can be lodged over the phone.

Act in the golden moments

As soon as an incident has occurred take action by reporting the matter to the right departments and the cyber crime police.

My Jay lost precious time by going to the police station. He could have lodged the complaint via the phone or through the online cybercrime portal.

Be Informed

Find out what is the process of lodging a cyber crime report in your city and country
Keep the method as a handy flow chart or printout.

The first thing to do is to change the net banking and mobile banking passwords in case one clicks on a suspicious link.

As soon as you receive an OTP that you did not initiate make sure to call the bank.
At times the SMS OTP may come outside the banking hours.

In such a case call up the banking helpline which mostly works 24X7. Explain the situation and seek their help to protect the funds.

Keep the 24X7 bank numbers handy

Limited liability once you report

In most cases by sharing the details of an attempted or in-progress scam or hack one can seek the help of the bank and your money loss is contained.

Final thoughts

One has to be proactive and aware of the protection of your bank account and your hard-earned money.
Your swift movement and timely action can help you in protecting your accounts.

Posted Using LeoFinance Alpha