Biggest UPI Scam
The guy name Shivam Shukla installed the Paytm app in February to link it with FASTag a re loadable smart tag operated by the National Highways Authority of India, enabling automated toll payments.
A few days back in the month of February, he started receiving messages to finish his Paytm KYC("Know Your Customer")- a business process to verify a customer's identity. He would loss the money in his Paytm wallet of he didn't, the message warned, and ended with a number he was asked to call. He did, but no one answered,
The next morning, at 9:13am, the 26-year-old, who lives in Kanpur and works as a professional anchor, got a call from a man who introduced himself as a Paytm employee. He gave him simple instructions to complete the KYC on his own: download a screen sharing app, connect it with Paytm, share the nine-digit ID, and wait. Shukla did everything he was asked to.
Next, the caller asked him to add Rs 10 to his Paytm wallet. He wondered why this was needed. But he went ahead thing it was harmless, add added Rs 10 through Payments Interface(UPI). But minutes after that transaction Shukla started losing money from his bank account. "My mind topped working. I could not understand what was happening," he said Money drained out his account as the caller kept him engaged on the phone. By 10:16am, in four different transactions Rs 19,990, Rs 2,000, Rs 9,999, Rs 7,000 so finally Shukla lost Rs 38,989 from his account.
What actually happened and how?
With remote access to the device through the screen-sharing app, the fraudster could see every activity on Shukla's phone. The seemingly harmless Rs 10 transaction revealed Shukla's UPI PIN (through the on-screen keypad) and the one time password messages he received for approving transactions. The scammer immediately used the credentials to transfer money.
Shukla got scammed. He went through what thousand of Indians experience everyday: digital payment frauds, with sums ranging from a few thousand rupees to several lakhs wallets and UPI have taken over the Indian digital payment ecosystem. Since its introduction in 2016 by the National Payments Corporation of India ( NPCI ), UPI has changed the payments paradigm. But even as the reduction of friction in payments is driving the growth of new business, it is also orchestrating fraud and with a likely influx into new-age payments platform in the aftermath of the coronavirus outbreak (with early studies indicating virus droplets can remain on currency notes for days), this may only got worse.
In the city of NOIDA the number of reports cybercrime cases jumped 400% from more tan 300 in 2018 to 1,697 in 2019, and a third of all the cases were KYC-update scam. In Bengaluru, 38% of the 12,754 cybercrime cases reported between January 2018 and August 2019 were UPI-related Paytm gets around 1,300 complaints every day, said vikendra Singh, a team lead in the risk and fraud management division of the company's Noida office Extrapolate that to the entire year, and we are talking about close to half million annual complaints- On Paytm alone, excluding other UPI app likes PhonePe and Google Pay
UPI SCAM
To prevent the fraud Shukla faced Paytm introduced a fix the app won't function on the phone if you have any screen- sharing app installed but soon after, Singh from Paytm said phishing links -- fake web pages to steal authentication credentials-- surged. Scammer don't stop This is why industry insiders say there no " most common type of fraud". It keeps changing: scammers identify and exploit loopholes, companies fix it, scammers find other loopholes, and the cycle repeats.
In the UPI world there are two types of transaction: "pay" ( send money to another account) and "collect" (send request to receive a fixed amount from another person) The latter is what fraudsters are exploiting now. Vikas Singh, a data scientist at NPCI's fraud detection team, said that roughly 1 million of the 40 million daily UPI transaction- around 2.5%-- fall under "collect", and that's where they see most frauds begin reported.
Nowhere is it more prevalent than the infamous and wildly common frauds on India's largest classified portals like OLX
No comments:
Post a Comment