UPI / OTP Fraud: How to Protect Yourself from Rising Scam Threats

by

In recent years, UPI (Unified Payment Interface) frauds have been increasingly common, especially in countries where digital transactions have become a norm. Fraudsters are taking advantage of the growing popularity of UPI by targeting unsuspecting individuals and tricking them into sharing their sensitive details, such as OTPs (One-Time Passwords) and UPI PINs.

These scams can be quite convincing, and it’s important to understand how they work and how to recognize the signs of a UPI/OTP fraud.

Table of Contents

How UPI/OTP Fraud Works

Fraudsters often impersonate bank officials or customer service representatives, claiming they need to update your KYC, redeem bonus points, or resolve issues related to your account. The scam usually begins with a phone call where the fraudster asks for personal details such as your name, date of birth, and mobile number, which appear harmless but are part of their strategy.

To make the scam appear legitimate, they may ask you to download a screen-sharing app like TeamViewer or AnyDesk, which allows the fraudster to control your phone remotely. They then ask you to provide the OTP (One-Time Password) that you receive on your phone. With full access to your device, the fraudster can then make unauthorized transactions from your UPI account.

Another Common OTP Scam: In some cases, fraudsters send SMS links or Google Forms asking victims to enter their login details, passwords, and OTPs. This is often done under the pretense of offering rewards, payments, or donations, leading the victim to believe they are making a legitimate payment.

Types of UPI Scams

Fake Payment Requests: Fraudsters create fake UPI IDs or payment links, often impersonating official entities or charitable causes like PM Care Funds, CM Relief Funds, or rewards for donations. Victims are convinced to make a payment believing it’s for a good cause or for a reward, only to lose their money. After entering their UPI PIN and making the payment, the victim realizes they have been scammed.

QR Code Payment Scam: Another common scam involves fraudsters sending fake QR codes to the victim’s Virtual Payment Address (VPA) on apps like Google Pay, Paytm, or PhonePe. Victims, thinking the payment is legitimate, scan the QR code and make a payment, only to find out later that they’ve been scammed.

Key Evidence in UPI/OTP Fraud Cases

When investigating UPI/OTP frauds, law enforcement authorities look for the following key pieces of evidence:

  • Transaction Details: Screenshots of the fraudulent UPI transactions, showing the time, amount, and beneficiary account.
  • Bank Details: Information on the victim’s bank account and credit card used in the fraudulent transactions.
  • Fraudster’s Contact Information: Details about the mobile number, IP address, or email address used by the fraudster for communication.
  • CCTV Footage: In cases involving ATM withdrawals, CCTV footage can help identify the fraudster’s location and movement.

Real-Life Case: How UPI/OTP Fraud Happens

Case Scenario:

Imagine you get a call from someone who says they are a customer service representative from your bank. They tell you there’s an issue with your UPI account and need to “verify your details” to fix it. They ask for personal information like your name, UPI ID, and mobile number. You feel comfortable because the caller seems to know some of your basic details.

Next, the caller asks you to install a remote access app, such as TeamViewer or AnyDesk, so they can “help” you solve the issue. Trusting the situation, you download the app, and the fraudster takes control of your phone.

Once the fraudster has control, they ask for the OTP (One-Time Password) that you receive on your phone. Believing everything is legitimate, you share the OTP with them. Hours later, you check your bank account and find that unauthorized transactions have been made, totaling thousands of rupees.

Investigation Process:

  1. Contacting the Payment Provider: Investigators reach out to your bank or payment app (like Google Pay or Paytm) to gather details about the transactions and find out where the stolen money went.
  2. Tracking the Fraudster: The authorities contact your mobile service provider to get call records and track the location of the fraudster. They also trace the phone number used to make the call.
  3. Freezing the Fraudulent Accounts: Investigators locate the bank accounts where the stolen money was sent. They work with the banks to freeze these accounts and prevent the fraudster from withdrawing more funds.
  4. Collecting Evidence: Investigators collect all the evidence, such as the fraudster’s phone number, the logs from the remote access app, and transaction details. This helps them build a case against the criminal.

How to Protect Yourself from UPI/OTP Frauds

To avoid falling victim to UPI/OTP frauds, follow these simple precautions:

  • Do Not Share OTP: Never share your OTP with anyone, even if they claim to be from your bank or payment app.
  • Avoid Downloading Suspicious Apps: Only download apps from trusted sources like Google Play Store or Apple App Store, and never install screen-sharing apps unless you are certain about the source.
  • Verify Calls and Messages: If you receive unsolicited calls asking for personal details or OTPs, hang up immediately. Always verify the information through official customer service numbers.
  • Enable Two-Factor Authentication: For added security, enable two-factor authentication for your bank accounts and UPI apps.

By being cautious and aware of these common scams, you can safeguard yourself from falling victim to UPI/OTP frauds and other cybercrimes. Always take the time to verify any suspicious activity and protect your sensitive information

Leave a Comment