RBI Cautions About Fraud Using Mobile Numbers Similar to Bank’s Toll Free Numbers
The Reserve Bank of India (RBI) has issued a cautionary warning regarding a fraudulent method of obtaining sensitive information using phone numbers.
The notice says that a fraud is being committed using mobile numbers similar to banks’ toll-free number. Mobile numbers resembling a supervised entity’s (SE) toll free number are registering mobile numbers in the name of that SE on caller identification mobile apps such as TrueCaller. Reliable inputs were received on a new modus operandi of social engineering frauds using mobile numbers.
The State Bank of India (SBI) has uploaded the notice issued by RBI’s department of supervision, central office cyber security & IT risk group (CSITE) on its website for its customers.
Example: Assume the supervised entity’s toll-free number is 1600 284 7808, the fraudster will obtain a number similar to this, say 600 284 7808. The fraudster then registers successfully on the TrueCaller app (or any other caller identification app) with this number as the toll-free number of that SE.
To contact the SE, an unsuspecting customer (victim) will call the fraudster’s number registered on the TrueCaller application. The customer then will be amenable to revealing sensitive details like debit or card credentials, username and one-time passcode (OTP).
Supervised entity or SEs denotes to any legal entity like banks, financial institutions. The fraudster then gains access the victim’s account and can carry out fraudulent transactions.
To avoid falling for such frauds, the notice says that the customers are advised to confirm the toll-free number of the company, and not even share confidential information with the bank’s executives.
The notice has advised the SEs to take necessary action to safeguard against this type of fraud.