One of the ways scamsters are defrauding unsuspecting customers is to use the mobile phone details to reset bank account passwords and take control of the account. Using SIM swap fraud, scamsters can gain control of your mobile number and divert all calls and messages to a device under their control. You would not even realize that your number has been hacked and someone else is using it. Once the mobile phone number is in their control, scamsters can reset the bank account password (or for that matter any other account including utility accounts) by requesting for a one-time password (OTP). Usually, banks verify users trying to reset the passwords, by way of dynamic authentication, where an OTP is sent either to your mobile phone as an SMS or on email. Since the scamsters have control of the mobile phone number, they can use this OTP to reset the account details and abuse your account at will. Millions of customers around the world are falling prey to such sophisticated scams that cause losses worth millions of rupees.
Customer negligence is often a big reason why scamsters can so easily access the personal details of customers. Sophisticated scamsters use social engineering to dupe the unsuspecting customers and gain their personal information. Scamsters can pose as representatives from your bank or telecom operator and ask you to send a specified content as SMS to a certain number. Or they may send you a link and ask you to reset your details through that link. When you click the link, you are taken to a fake website that is used to phish out your personal details. This stolen personal data is treasure chest of information for scamsters who can use it in numerous ways to orchestrate multiple cyber attacks.
I recently encountered such an incident. I had been facing connectivity issues with my mobile network provider and had raised a service request. I received a call from a lady claiming that she was calling on behalf of my network provider. She tried to coax me into sending specified content to a certain number so that my problem could be resolved and I could get good connectivity speeds. It, however, raised my suspicion and I asked her if she indeed was calling from my network provider. She became offensive and told me that it was upto me to send the SMS if I really wanted to resolve my problem. Something didn’t sound right and I told her that I would think about it. She inquired whether I would send the SMS or not, which I refused and ended the call. I immediately called up the customer care of my network provider and inquired if such a call was indeed made from their end. The customer care executive confirmed that no such call had been initiated from their end. It turned out to be a fraudulent call, which could have adverse ramifications had I complied with the caller’s request.
In today’s digital world, the anonymity of the internet has made it easy for scamsters to impersonate our service providers and try to defraud us. Therefore, in a landscape rife with numerous scams, it is for us—the customers—to be vigilant and abstain from providing our personal details to people who we do not know.
The article has been written by Neetu Katyal, Content and Marketing Consultant
She can be reached on LinkedIn.