Every year, we first hear prayers for a bountiful monsoon. After a few weeks, the prayers turn into the nursery rhyme, 'Rain Rain Go Away' as people struggle with the usual issues of water logging and potholes on the roads. All this is reported in newspapers and on TV channels on a cyclical basis. If you watch carefully, confidence tricks and scams, now graduated to cyberspace, follow a similar pattern.
Some scams are recycled periodically, perhaps waiting for one crop of gullible people to forget about it and then entrap another set of prey. I feel sorry for these victims, but the sad part is that many of them make no effort to read, learn and understand the care and tricks required to survive in cyberspace. The older generation continues to remain vulnerable by blindly trusting 'unknown' callers and SMS that are ostensibly sent by their bank or a trusted service-provider. They fail to realise that even if they don't lose money, by providing information to unknown persons, they may have helped a cybercriminal gain access to information about their near and dear ones and could use it for exploitation. For example, the fraudster can use the names and contact numbers of your family and friends to send them fake messages in your name to demand money by claiming that you are in trouble or have an emergency.
Everyone using a smartphone or the internet must know about cyber scams that surface in a cyclic manner to avoid becoming victims.
1. Fake Order Scam
You may receive a parcel that you have never ordered. The caller would insist that money will be charged from your credit card or bank account for the product or service.
Once you confirm that you have not ordered, they will casually offer instructions on cancelling the order. And if you wish to cancel the fake order, you will be asked to call a given number.
Remember, these are gangs of cybercriminals who operate with many resources, including some information (either bought from the dark web or stolen) about you. All they need is for you to give them your personal and sensitive information like passwords, date of birth, and card expiry date.
Do not get fooled. These fraudsters just want the information so they can use your credit card or steal money from your bank account. Most prefer to buy items from e-commerce portals or apps or use the unified payment interface (UPI) to instantly transfer money from your card or bank account to another UPI ID or account. This money keeps moving from one account to another till it finally reaches the cybercriminals.
2. Smishing
Smishing or SMS texting fraud is a phishing attack where fraudsters send a message asking you to click on a malicious link or share sensitive information, which goes to the fraudster.
In smishing, fraudsters deceive victims into providing money or sensitive information using false promises or misleading information.
Always remember, all legitimate service-providers, including banks, use SMS headers for sending SMS to their customers. They do not send SMS from a personal mobile number.
3. Phishing
Phishing involves the use of deceptive emails, messages, or copy-cat websites to trick individuals into revealing their personal information, such as user ID, passwords, bank account numbers or card numbers, personal identification number (PIN) and card verification value (CVV) number.
Similar to smishing, these scams often impersonate legitimate organisations and request users to provide sensitive data and personal information, including financial.
4. Identity Theft
Identity theft occurs when someone unlawfully obtains and uses another person's personal information, such as name, Aadhaar number, or financial details, for fraud. This stolen information can be used to commit various crimes, including financial fraud.
Last month, Noida police arrested 15 persons in the alleged Rs15,000 crore GST (goods and services tax) scam. The scam involved registering thousands of companies under stolen or fake identities and utilising these firms to generate e-way bills and obtain input tax credit (ITC) from the government.
Raja Ram Gupta, special investigation branch (grade 2) at Uttar Pradesh (UP) GST department, told IANS that the gang used to transfer money to bank accounts of poor people living in slum areas under the pretext of a government scheme and obtained Aadhaar and PAN card details of the account-holders.
"Then the gang used to link their (gang) mobile numbers with their (victims') Aadhaar numbers. After this, the new PAN card was applied immediately. And then, based on Aadhaar and PAN card numbers, fake companies were registered," Mr Gupta says.
There is no solution to the misuse of your Aadhaar number by criminals, with or without your knowledge. What you can do is never share the 12-digit Aadhaar number or 16-digit virtual Aadhaar number with any unknown or unauthorised entity or person. Also, never share a photocopy of your Aadhaar with anyone without mentioning the purpose and date written on it (it can be done while self-attesting the photocopy).
You can also lock your Aadhaar (you will have to visit https://myaadhaar.uidai.gov.in/lock-unlock-aadhaar and first create a 16-digit virtual ID before locking/ unlocking your Aadhaar number) to prevent its misuse to some extent.
5. Investment Fraud
Investment fraud involves the deception of individuals or organisations to invest in fake or fraudulent schemes, such as cryptocurrency or Ponzi or pyramid schemes. Cybercriminals use online platforms, social media, or emails to lure victims with false investment opportunities, promising bumper returns or guaranteed profits.
In most cases, the fraudsters pay some early members to gain trust and establish reliability for luring more investors. However, all such schemes succumb to the payout pressure. Fraud promoters vanish into thin air, leaving gullible (read: greedy, it may sound harsh, but they have 'invested' money only to get more returns) people crying for help in recovering their investment.
The thumb rule for all investments is if you do not understand the product, don't invest!
6. Electricity Bill Scam
We reported about
the electricity bill scam almost a year ago. Yet, this scam continues to fool even well-read customers. A few days ago, a friend with a background in financials almost became a victim. As mentioned in these scam SMS, she contacted the 'electricity officer', downloaded an app to make payment, and entered her bank account details. Only when the caller told her that her bank account password is not matching did she realise what was happening. She asked herself how the caller knew about her bank login and password and immediately disconnected the call. She called and checked with her bank to see if any money had been transferred. The bank told her there were two unsuccessful transactions. She immediately visited the bank and changed her password.
Electricity bill scam messages started appearing in early 2022 in the northeastern states but later spread across the country. After warnings from electricity boards and police, the number of electricity bill scam messages came down drastically. But, from the example of my friend and some posts on social media, scamsters are still trying their luck in this scam.
7. Job Scams
Fraudsters post fake job advertisements online, promising high-paying positions or work-from-home opportunities. They may request payment for training materials, job placement services, or background checks but do not provide any legitimate employment.
A few days ago, Mumbai police warned about one such scam where a person from Borivali was almost duped of Rs96,000 in a job scam. The victim was lucky as swift action by the police stopped the fraudulent transaction.
I have shared a few scams that keep popping up regularly, with fraudsters finding new victims. In all scams, as we keep pointing out, greed and fear are the two elements used by fraudsters. So, even if you receive any message threatening or luring you, think twice before responding. Better check with the entity in whose name the message is sent. For example, for a message received about disconnecting the power supply to your home, you can always call your electricity supplier and find out the truth.
Stay alert and safe!
How To Report Cyber Fraud?
Do report cybercrimes to the National Cyber Crime Reporting Portal
http://cybercrime.gov.in or call the toll-free National Helpline number, 1930. To follow on social media: Twitter (@Cyberdost), Facebook (CyberDostI4C), Instagram (cyberdostl4C), Telegram (cyberdosti4c).
If the fraud is related to your bank account, you need to immediately send an email to the official email ID of your branch (you can find it on the bank's website or your passbook) with a copy to the bank's customer care. Even if you have called the official number for customer care, you must still send an email describing your conversation with the bank executive, along with the time, date, and duration of the call. This will be helpful if you face a liability issue with the bank.
