New app scam can wipe bank accounts, warns RBI
A day after the city police busted a gang of online bank fraudsters who had been luring customers in the name of loans and insurance, city police has acknowledged the existence of a new type of fraud on digital platform, particularly using the Unified Payment Interface (UPI) platform using which fraudsters can remotely access mobile devices and carry out transaction through certain mobile apps.
By : migrator
Update: 2019-02-16 00:54 GMT
Chennai
Banking and security agencies had raised concern over the increase in fraudulent transaction using UPI and payment apps and had been warning public over this.
“The latest is fraud by remotely accessing mobile devices using apps and emptying their bank account,” a senior police officer noted.
This method can be used to carry out transaction through any mobile banking and payment related apps, including UPI and e-wallets. RBI has already issued an alert on this, asking banks to take necessary measures to create awareness among their customers.
The officer noted that fraudsters usually lure the victim on some pretext to download apps using mobile devices could be made remotely accessible. After making the victim to share the app code, the fraudster literally takes over the smartphone and carries out transaction through the mobile app already installed on the customer’s device.
Unified Payments Interface is a real-time payment transaction system developed by National Payments Corporation of India to facilitate inter-bank transactions. UPI is regulated by the Reserve Bank of India and works on a mobile platform.
Modus operandi
The first step is over a phone call, from a person claiming to be a tech support specialist, warning that the mobile device or computer is infected with malware. After causing an alarm in the mind of the potential victims, the fraudster would then persuade them to grant them permission to control the device remotely
Once the scammer convinces you to give them remote access, they’ll ask you to install a programme or app which would allow them to access your device
They would then ask to share the app code generated in the device. Once the conman inserts the app code in his device, he would be able to operate victim’s device sitting in any corner of the world. Using the mobile app credentials stolen from the victim’s device, the fraudster can carry out transaction through mobile apps installed on the device
Visit news.dtnext.in to explore our interactive epaper!
Download the DT Next app for more exciting features!
Click here for iOS
Click here for Android