The increase in digital transactions in India has led to a surge in UPI frauds. According to data from the finance ministry, there were over 95,000 occurrences of UPI fraud reported in the 2022–2023 fiscal year. You can keep yourself secure by being aware of the different kinds of UPI payment fraud. Fraudsters frequently use strategies like UPI ID fraud, in which they fabricate IDs in order to trick users. Change your UPI PIN frequently and keep an eye out for common scams to protect yourself.
Types of UPI frauds / online frauds-
Phishing
Phishing is one of the most common UPI transaction frauds. Fraudsters send bogus emails to access sensitive information. Once you key your details (password or PIN) into the fraudulent site, the information is immediately passed on to the hacker for misuse. This way, you become more prone to UPI scams.
Fraud Sellers
Fraudulent sellers are prevalent in online marketplaces. These fraudsters deceive unsuspecting buyers by selling counterfeit products or getting the order processed but not delivering the product. This leads to financial losses and a breach of trust in the e-commerce website.
Fraud Through Screen Monitoring Apps
People with malicious intent can exploit screen monitoring apps to compromise your privacy and security. These apps allow fraudsters to capture sensitive information like UPI PINs, OTPs and other personal details by recording your screen activities without your knowledge. This allows them to gain access to your banking information and conduct fraudulent activities.
Malware
Malware is one of the most common forms of UPI fraud. It can be mistakenly downloaded from a fake email attachment or an unsecured website. Malware is designed to extract and copy data from the infected device.
Money Mule
Money mule is a more elaborate fraud. Once your financial data is obtained, fraud rings transfer money to an intermediary account to house the loot. This account acts as one of the money mules to park money collected from different unsuspecting victims. This type of fraud is also common in UPI hacking.
SIM Cloning
SIM cloning is a recent addition that has mushroomed after the OTP-mandatory rule by banks. If a fraudster clones your SIM, they can get the OTP on their device and then even change your UPI PIN. The fraudster gets hold of your bank account details and ID proof to reset the PIN. Within a minute, you will become a victim of UPI fraud.
Deceiving UPI Handles
Fraudsters often create deceptive UPI handles to trick unsuspecting users. These scams can occur on various platforms, such as social media, online marketplaces, or through unsolicited messages. Fraudsters may use enticing offers or urgent requests for payment to deceive you into making transactions to their fraudulent UPI handles.
Vishing
Vishing refers to fraudsters posing as bank representatives, asking questions on behalf of the bank. These individuals weave a web of lies and enquire about your personal information to extract your PIN or password.
Collect Request
A common type of UPI fraud is when fraudsters may request a collect payment from you using your UPI apps. They can even ask for debit reversal or other refund-related activities. They may pose as a legitimate entity or claim to be assisting you with a transaction issue. In reality, they are attempting to deceive you into providing sensitive information or initiating fraudulent transactions to their accounts.
How Do Hackers Execute UPI Fraud?
Step 1: It all starts with a random call. Fraudsters usually call targets to get their attention, as opposed to texting. They commonly disguise themselves as a bank representative, calling for a seemingly harmless issue.
Step 2: To make the call sound legit, they proceed to ask verification questions like your date of birth, name, or mobile number.
Step 3: There is always a problem. Hackers use technical difficulties in the app or website to talk to you. They usually weave false stories that convince you to forfeit your personal information to resolve the issue.
Step 4: Once the fraudster has convinced you, they ask you to download an application on your phone. Some of these apps are AnyDesk and ScreenShare, which are available on the Google Play Store.
Step 5: While downloading AnyDesk or a similar application, it asks for privacy permission, like other regular apps. But don’t be fooled; these apps can access everything on your phone.
Step 6: The fraudster will then ask you for a 9-digit OTP generated on your phone. As soon as you reveal the code, the hacker will also ask to grant permission from the phone.
Step 7: When the app acquires all permissions required, the caller starts to take complete control of your phone without your knowledge. After gaining full access to your phone, the hacker steals passwords and begins transacting with your UPI account. Thus, you become one of the many victims of UPI fraud.
Steps to Protect Yourself from UPI Fraud-
Never Share Your UPI PIN or OTP
One major mistake to avoid is to share your UPI PIN and OTP with any customer care representative claiming to be from any bank or government institution.
Always remember that any bank or government institution will never ask for your UPI PIN, OTP, or password. So if you get any call asking for your UPI details, be sure the caller is a fraudster.
Never Give Access to Your Phone or Computer
Asking for access to your phone and computer for KYC purposes is another common way fraudsters scam people to hack their bank accounts. Ensure you never share such access with any customer care agent and do not fall prey to such scams.
Don’t Open Any Random Links
You may often receive messages asking you to claim rewards or cash. Never make any transaction through such random links or websites.
It is a way used by fraudsters to collect your UPI PIN and to withdraw money from your bank account immediately.
Before making any payment, always check the UPI link and the account holder’s name.
Regularly Changing Your UPI PIN
Another important step towards securing your UPI account is regularly changing your UPI PIN. This can be done quarterly to protect yourself from any UPI fraud.
Be Careful About Payment Requests
If you ever receive a payment request from an unknown source, ensure you do not entertain such notifications. You can immediately decline the payment request if the person seems to be suspicious.
Conclusion
As the country embraces the digital era and moves towards a cashless economy, the rise of UPI transactions brings with it an increased risk of fraud and scams. UPI fraudsters employ various tactics such as phishing, malware, money mule schemes, SIM cloning and vishing to exploit unsuspecting individuals. However, by staying vigilant and implementing preventive measures, you can protect yourself from falling victim to UPI fraud.