Bank Customers’ sensitive information is now vulnerable to a new bank fraud that has surfaced recently. The Reserve Bank of India (RBI) has released a cautionary circular pertaining to fraudulent method that is being used to dupe customers and extract confidential information. The State Bank of India (SBI) has also uploaded the notice on its official website to spread the word about the new fraud.
According to the circular, the fraud, being put under the category of social engineering, is executed using mobile numbers very similar to the toll-free numbers used by major banks. The fraudsters use phone numbers resembling a Supervised Entity’s (SE) Toll-free Number and then register these dubious numbers on mobile caller identification applications like TrueCaller.
Supervised Entities are considered as those institutions which have legal credibility, be it banks, insurance companies, or other financial institutions. The modus operandi of the fraud is designed in such a way that the victim, if not careful, can easily be misled into providing classified information.
This is how it works:
Generally, toll-free numbers start with codes like 800, 888, 844, 855, etc., with a ‘1’ attached to it as a prefix. Therefore, it looks something like 1800 223 464.
The fraudster will acquire a number similar to the toll-free number, except for the prefix. So, the number looks something like 800 223 464. Then, the fraudster will register this number on a caller identification application under the name of a particular supervised entity, say, State Bank of India.
It is likely that uninformed customers will call the dubious number rather than the actual number of the SE to resolve their queries.
Once the fraudster gets in contact with the customer through the fraud number, the person lures the victim into giving out sensitive information like debit/credit card details, PAN card details, username, OTP, etc.
As the new fraud has come to light with the help of credible sources, the supervised entities are now responsible for taking necessary actions to curb the damage done by the fraudsters as much as possible. SEs are taking steps to spread awareness about the phenomenon and are using websites, social media, e-mails, and SMS to broadcast a beware message among the masses.