How scammers are using SMS, WhatsApp texts, fake customer care numbers to commit OTP fraud
Once the criminals get their hands on the OTPs, they gain unauthorised access to bank accounts, credit cards, digital wallets, e-commerce apps and personal data, leading to heavy financial losses and identity misuse.
By Newsmeter Network
Hyderabad: Cyberabad police are warning about scammers tricking people into sharing their One-Time Passwords (OTPs).
They are doing this by increasingly using deceptive calls, SMS, WhatsApp messages, fake customer-care numbers and phishing websites.
Once the criminals get their hands on the OTPs, they gain unauthorised access to bank accounts, credit cards, digital wallets, e-commerce apps and personal data, leading to heavy financial losses and identity misuse.
Modus operandi in OTP frauds
1. Fake Bank/KYC Update Calls: Fraudsters pose as bank officials and claim that the customer’s debit card, credit card, KYC or account will be blocked unless an OTP is provided.
2. Online Shopping/Cashback Scams: Criminals offer fake refunds, gift vouchers, cashbacks or points redemption and request the OTP that ‘will be received for processing.’
3. Fake Customer Care Search: Victims search for customer care numbers on Google; fraudsters pick up the call and ask for OTP for authentication or reversal of a transaction.
4. Job and Loan Fraud: Scammers assure instant loans or job approvals and ask victims to share OTPs to ‘complete verification.’
5. Fake UPI Collect Requests: Scammers tell victims they will receive money but instead send a Collect Money Request on UPI. Fraudsters ask to approve and share OTP, resulting in the debit of funds.
6. SIM Swap/Mobile Number Fraud: Fraudsters collect personal details and OTPs to issue a duplicate SIM and take control of banking OTPs and SMS alerts.
7. E-commerce Return and Delivery Scams: Impersonating delivery executives or online marketplace agents, criminals ask for OTP under the pretext of verifying a return/refund request.
Public advisory to prevent OTP frauds
1. Never Share OTPs: No bank, government department, e-commerce platform, digital wallet, loan provider, or delivery service ever asks for OTP.
2. Beware of Unknown Calls and Messages: Do not respond to calls or messages requesting OTP for card activation, KYC update, EMI relief, loan sanction, reward points or refunds.
3. Do Not Approve Unknown UPI Requests: Never approve Collect Requests or share OTP claiming that ‘money will be credited to your account.’
4. Verify Customer Care Numbers: Always use customer care numbers only from official websites/mobile apps — not from Google search or social media posts.
5. Do Not Share Screenshots of Messages: OTPs can be extracted from screenshots shared on WhatsApp or social media.
6. Activate Security Features:
- Enable SIM lock
- Enable device screen lock
- Enable bank transaction alerts
7. Report Suspicious Activity Immediately
- Report suspected fraud to the National Cybercrime Helpline (1930) or online at cybercrime.gov.in
- For the latest cyber awareness updates, follow these links:
https://www.facebook.com/
