Do not get caught by new tricks used to steal money through UPI

Immediately after listing his AC AC, Mishra received a call from a potential buyer claiming that he was working for the Armed Forces and was posted in the border area in Rajasthan. As the conversation progressed, Mishra tried to find out the identity of the person through Truecaller.

The person told Mishra that he is going to transfer money immediately and his son will come later and collect the same. Mishra got it The caller asked Mishra to put the UPI (Unified Payment Interface) ID in the UPI app on his phone. The minute the Mishra did, he got a message from his bank, which was told that his bank account has been debited. He called the person to find out what had happened and said that something went wrong and Mishra should try to do it again. She tried again, and then again. After the third attempt, Mishra felt that she was bewildered. The person who was entering was not his UPI ID, but his UPI PIN, which was authorizing the forgery for payment. But till then, Mishra lost three billion rupees in three transactions.

In the past few weeks, payment apps like PhonePe, which provide a platform for UPI transactions, are looking at a section of online classifieds portal like OLX and National Payments Corporation of India (NPCI) similar complaints. Many of these complaints are being made public through social media. What is striking is that UPI, in fact, is a special feature in the UPI, fraudsters are being used in various ways.

New strategy

The most common UCI fraud has faced a Mishra right now. There is a facility in UPI in which a person or a business user can send a request to collect the money. The user needs to authorize the transaction using the security PIN. This PIN is like an ATM PIN, not the one time generated password as OTP. In the case of Mishra, when the fraudster was asking for his UPI ID, he was actually wasting his victim to input the pin, causing the transaction. At present, this is the first and most common change in the misuse of the “request money” facility in the UPI.

Anup Bhansali, Head, Fraud and Risk, in the phone, said that for the cheating person, it is that he would call the user claiming to be a platform representative and offer cashback. The user is asked to enter the PIN through the collection request and money is debited from the victim’s account. EY’s partner and technology risk leader Basant Shroff said that using this technique is also used to cheat fraudulent cards. The difference is that the user must share the OTP for card transactions.

In the UPI ecosystem, some fraudulent alert users are reported and blocked by payment platforms, but many of them are far away. “What happens is that the fraudster will make a purchase on the online platform and enter his UPI VPA (Virtual Payment Address) in the mode of payment. You will receive a mass request. If you enter your PIN at this level, then you’ve paid for someone else’s online purchase. It is not furious, but we have come up with some such cases, “said Bhansali.

Another fraudulent method is using fake customer service numbers for banks or the UPA platforms. When a user calls on these numbers, the deceitful person withdraws sensitive information from them.

Long road

If you are victim of such fraud while using UPI, then your support is largely through law enforcement, even if your bank asks you to complain. On the condition of anonymity, a banker who spoke to the mint said that the bank can not take responsibility because it is the user who has fulfilled both the factors of authentication and the bank can not debit a single account from someone so that he Could return “Unlike the charge-back system for the card, where we can still take some measures to get money for the fraudulent transactions, the person-to-person transaction will not give us that opportunity,” the banker said.

Although you should take this issue to the police, the resolution may take a long time. In most cases, victims, deceitful, real account holders and the place in which money is withdrawn is in different places.

Even if banks can easily identify someone behind the UPI ID, but identification is rarely used in cases of fraud.account to open an account for.” He mentioned to pay fraud to the fraudsters to access their accounts from time to time to use their account or to open an account. “Once the money is transferred, the amount is withdrawn from the account using an ATM card,” he said. Most of the accounts used by fraudsters are made through identity theft, which seems to be similar to Mishra.

Mishra lodged a complaint with his bank, payment platform and police. The forum has shared some details with the IP address of the fraudsters, which could possibly be used to identify or detect them. However, they have no idea whether they will get their money back or not.

Preventive Measures

The increase in the number of fraud can eventually lead to systematic changes in the UPI. But can you disable the “Request Money” feature for your own account? So far, the answer is no, and any change will be decided at the NPCI level. “We are considering this. We are also discussing this with NPCI.” Bhansali said that a common feature of UPI and disabling it would not have to follow the open gap of the UPI. NPCI did not respond to Mint’s email.

However, there are other measures which are taking bank and payment platforms, although they are not specific to the UPI, Shroff said. “To stop phishing, some banks have stopped sending URLs in messages and emails, and instead (users) are pushing to go directly to their websites. Some banks also offer the option of closing some types of transactions for your account or card, “Shroff said, for the UPA transaction, Bhansali said, if the system detects unfamiliar behavior, then user transactions Be cautious about

Classified marketplace LLX, through which there have been many such frauds that did not respond to requests for details about misuse of their plans to prevent fraudsters. It said in a press release that it is doing this using “technology filters and site auditors”, and it bans more than 1 million suspicious accounts each month. For consumers, it is important to note that you can choose not to make your phone number. Public when posting on sites like OLX

As a consumer, you should stick to the basics. One, never share your PIN or OTP with anyone. Two, remember that if you are transferring money to your account, then there is no need to authorize this transaction – whether it is through UPI, NEFT, IMPS, e-Wallet or any other payment system.

How to Avoid Online Fraud


■ Read the transaction sms, pop-ups and details closely

■ Learn the difference between an ID, PIN and OTP

■ Alert your service provider for potential spam and fraud

■ Suspicions for someone offering you free calls and cashbacks

what not to do

■ Never share PIN and OTP

■ Never share identifiable information on public forums that can be misused

■ Do not click on random links for free offer or verification

■ Do not enter the PIN to get money on any platform

Leave a Reply

Your email address will not be published. Required fields are marked *