The Unified Payments Interface, or UPI, has grown in popularity due to its user-friendly features. It’s a single platform that combines a multitude of financial services and features into one convenient location. All you need is a UPI ID and PIN to send and receive money. The UPI ID may be generated using the bank account’s credentials as well as the account’s mobile phone number. An OTP (one-time-password) will be provided to the user’s mobile phone number, which may be used to finish the registration and set a PIN.
The UPI ID or the telephone number can then be used to finalise transactions. Users do not need to know their recipients’ account number, account type, IFSC, or bank name. They may just use the bank’s registered cellphone number or the UPI ID to transmit money. While it is extremely convenient to use, it has also broadened the scope of cyber-attacks and raised various security issues.
The Different types of a UPI scam
With the increase in the number of UPI transactions, there has also been an increase in the number of online financial attacks, UPI fraud complaints, hacking, cyber-frauds, and other hazards. Given below are a variety of ways in which the UPI scams take place:
1. Scam of Phishing
This is a scam in which scammers send payment links in the guise of an SMS. These spoof bank URLs will be nearly comparable to the real thing. When you click on that link, it will lead you to your phone’s UPI payment app, where you may choose any app for an auto-debit. The money will be debited from the UPI account as soon as you provide permission. In addition, the phone will be infected with a virus or malware that can steal financial data saved on the device.
2. UPI handles that are Deceptive
Fraudsters are always devising new ways to fool people, and one of them is through the use of social media. False pages with names that seem similar to actual ones may exist on social media, and people may fall for it. Putting your personal information on such sites is dangerous. Screenshots of your UPI handles can be used to deceive you. It is not a good idea to put things in the public domain.
3. Unverified Links
Many people are unaware that using the UPI app to receive money does not need scanning a QR code or inputting your UPI pin. Hackers routinely offer phoney URLs with the possibility to make a payment request. When you click this link, it will prompt you to enter your UPI pin or scan a code. Hackers will have access to your financial information as a result of this.
Malware is one of the most frequent forms of cybercrime, and it can be obtained unintentionally through a phishing email attachment or an unsecured website. Malware is designed with the goal of obtaining and copying data from compromised devices.
5. Cloning SIM
SIM cloning is a relatively new technology that has gained a lot of traction since banks made OTP mandatory. If a fraudster clones your SIM, he or she can even change the UPI PIN. The fraudster acquires the victim’s bank account details and ID evidence in order to reset the PIN.
5 ways to protect yourself from such Fraud
Don’t engage with Fraudsters
Please do not interact if you are unfamiliar with a phone number or are unsure about the caller’s identity or the source of information supplied. Be aware of phone numbers found on the internet, especially those for food or beverage establishments, as they may not be genuine. Always double-check to ensure the person’s identification. Remember that your bank would never ask you for sensitive information over the phone or over a text message.
Pay attention to payment requests and SPAM alerts
If you get a request from an unrecognised account, the UPI app is likely to display a spam alert. Make sure you choose the right option, such as ‘Pay’ or ‘Decline.’ If you suspect fraud, please deny a request. Don’t be fooled into thinking that clicking the ‘Pay’ button would result in cash being sent to you. Instead, money is sent to the fraudster’s account when you type in the UPI PIN.
Remember the golden rule of Receiving Money
Receiving money does not necessitate the use of a PIN. Fraudsters try to take advantage of payment apps”request money’ function. They’ll pretend to be interested in purchasing a product you’ve posted for sale on the internet. Always keep in mind that if you need money credited to your bank account, you will NEVER be able to do so.
Observe Safety Procedures
- To help keep your account safe, follow these simple Dos and Don’ts —
- Never give out your PIN to someone you don’t know.
- Maintain anti-virus and biometric recognition software on your computer.
- Never click on links or emails from unknown senders.
- Keep your bank informed of any changes to your personal information.
- Use only secure WiFi networks that you know and trust, rather than open ones.
- Keep track of your financial activities and bank account statements, and keep a check on your account for any questionable activity.
- If you see anything suspicious, contact your bank right away.
Beware of Counterfeit Applications
Many dangerous or phoney applications masquerade as legitimate apps in order to deceive you. The software will be easy to download and will seem identical to the original bank app. If you download and install the bogus software by accident, it will share your personal information with criminals, allowing them to steal money from your account. Be wary of fake applications like Modi Bhim, BHIM Payment-UPI Guide, Bhim Modi App, BHIM Banking Guide, and others that have been identified as scam apps for collecting users’ personal data under the pretext of offering a helpful banking service.