Hyderabad: “If you have still not linked your Aadhaar card with the bank account, we can fix it. A one-time password will be generated to your mobile number. Share it with us to complete the linkage,” goes an offer made by a cyber thief. If the recipient of the call complies, his or her bank account will soon be emptied.
The state police receive at least three complaints of such frauds every day. The calls are usually traced to Jharkhand. Random mobile numbers are picked by the fraudsters and the recipients are asked to link Aadhaar to bank account after giving certain details. Once the details are provided, the caller proceeds to empty the recipient’s bank account. The money is either transmitted to another bank account or to an e-wallet. Earlier, cyber thieves used credit and debit cards to trick people but now the Aadhaar linkage provides fertile ground for this latest con act.
In a recent case reported from the city, the complainant, Jyothi Agarwal, said that the caller claimed to be an SBI staffer and asked if her Aadhaar card had been linked to her bank account. “On my saying no, he said it can be done online and asked me to share the OTP generated to my number. I was quick to identify the scam caller and turned the call down, as I had read about the fraud. If I had shared the OTP number, the caller would have emptied my account. Further, in an oral representation, I informed the Hyderabad cyber security wing.”
The modus operandi is to get details of a person’s bank account through various sources, including the bank staff, and phone numbers from various sources. The transaction is conducted outside the city and they try to get the OTP through a phone call. They convert the money to online money wallets like Paytm, MobiKwik, Oxigen Wallet and PayUMoney.
Ram Mohan, a senior officer with the Hyderabad cyber crime wing, explained, “Cyber cons have strategised a new way to skim money from accounts, with Aadhaar linkage being the latest con. Earlier, an anonymous caller would feign to be a bank staffer and inform that the account holder’s ATM card is blocked and would demand details of the card, including the secret pin number, to restore it. Later, this moved to credit cards, stating that the last credit payment had not been updated and deman-ded the person’s password to update it. They collect contact numbers from different sources of online registration.”
Accused is liable for judicial custody up to three years.The OTP fraud is rampant in almost every state, where police register at least three cases every day.
- One Time Password is a security code delivered to the registered mobile number to authorise various transactions. It is also used for authenticating the identity of the user in netbanking transactions.
- Investigations into OTP misuse cases revealed that most fraud calls originate from Jharkhand, from the fringes of Naxal-affected areas. Jamtara district is considered to be a hub of cybercrime. Some calls were tracked to New Delhi.
- Unauthorised access to other’s OTP or its misuse is an offence under Section 66(b) and 66(c) of the Information Technology Act. It is a punishable offence, entailing an imprisonment of upto three years.
- Banks follow two-factor authentication for online card transactions valued upto Rs 2,000 to overcome internet banking frauds.
- Apart from the OTP, banks insist on an online authentication code. By updating their registered mobile numbers, customers can protect themselves against frauds.
- No bank agent or staff or agency dealing with Aadhaar card authentication or linkage will ask for an OTP. Bank customers should be aware of safety tips while using debit and credit cards, and in any case must not share OTP.
- Inform your city cyber security cell if you feel you have been conned.