How To Guard against Mobile, Online Fraud
Fraudsters using mobile phone or the Internet to trick unsuspecting users has become so frequent in India that the police, often, turns a deaf ear. Such frauds have become so commonplace that a single cyber police station in Mumbai may have to register 10 to 12 FIRs (first information reports) a day. That is why, I feel, online FIR is a myth. What the police fear is poor detection which affects their career prospects. The simple solution to this is to deny or delay filing of the FIR. So, either people give up, or the evidence in the electronic world evaporates and thereby no FIR is filed. Cyber space frauds are often committed in varied jurisdictions which are different from the victim’s current jurisdiction. This also helps the police to plead helplessness.
Phishing frauds are planned and executed by fraudsters from places like Jamtara, in Jharkhand. Their modus operandi is to play on the psychology of fear. Jamtara has become the hunting ground for cyber cops from all over India, investigating online crimes; many cases of digital fraud are traced to this district.
So what is new-age phishing? Let’s look at an analogy. Similar to requiring a key to open the lock of a user’s home or a 4-digit PIN to withdraw cash, fraudsters require users to answer a phone call with OTP (one-time password), click on a malicious link to enter into a user’s system or network. In short, they phish because the weakest link in the system, the humans, enable them to get away with their crime.
These new-age cyber fraudsters have realised that it is easier to exploit vulnerable humans than to beat technology. So, unsuspecting users receive fraudulent phone calls, emails, texts and social media messages crafted to look like real. The information looks so credible that you are lured into either parting with your OTP or banking credentials, or click on a link sent to you or open an attachment.
Fraudsters located in Jamtara get client information from outsourced bank agencies and make random calls to some people, claiming that they are from SBI (State Bank of India), or some other bank, and defraud the gullible online. The fraudsters use the ‘Sha plus’ app which helps them secure the first four digits of cell numbers. They, then, randomly add six more digits and try their luck by making phishing calls.
The modus operandi is that outsourced bank agencies charge Rs100 per client’s details. After getting the details, the gang buys a SIM card by submitting fake address proof.  Then they start making random calls saying that they are bank officials. They mention the account number of the customer, based on the information they obtained from the outsourced agencies, and try to scare them, saying that they had not linked their account with Aadhaar card and, hence, the account would be frozen. 
I get many such cases in a month. The case that I remember most vividly is one which resulted in multiple heart attacks in one family due to loss of more than Rs1 crore by three family members, simultaneously, through the same fraud inflicted on them. First, the data of this rich family was phished; then social engineering phishing or vhishing (phishing via voice call) was done to trick the family members into revealing their banking credentials. The cyber criminals then transferred the money to various bank accounts held by their henchmen and later withdrew it physically or used it to purchase valuables.
So, how do readers of this article save themselves from falling a prey to phishing or vhishing by taking some simple preventative steps? Awareness is the first defence; and the ability to differentiate between legitimate and fraudulent calls or emails is vital. The accent of people and phone numbers of callers, domain names, spelling errors, and low-resolution or out-of-date logos can signal a fake email.
Be wary of unsolicited attachments. The fraudsters rely on you blindly opening any document you are sent. Be sceptical when receiving emails purporting to be from your bank, income-tax, the Reserve Bank of India (RBI), an embassy or an insurance-provider.
Think before you act. Your curiosity can put you, your data and your money at risk. If you have received a suspicious email from a friend, call them to check the situation. If you have issues like anxiety, blood pressure, low self-esteem or are uncomfortable with language, avoid phone-banking or answering any calls from banks.
Free Helpline
Legal Credit