Hyderabad: The arrest of Koneru Anwesh, an engineering dropout-turned-event manager, two days ago by Madhapur Police revealed that he had used loopholes in the banking systems of two private banks to reset the debit card pin number of the techies he had targeted. Police are now writing to these banks alerting them about the loopholes and the necessary measures to be taken.
Anwesh had trapped at least seven techies in the guise of wanting to share flats and siphoned amounts from their accounts to the tune of Rs 3,71,900. Police also suspect that he could have trapped more persons using this modus operandi, but are yet to find out any details.
After Anwesh was arrested, the police found that all the techies whose accounts were siphoned, were holding debit cards from two private sector banks. To reset the debit pin number of these accounts through IVRS process, the customers are asked only to submit the last four digits of their debit card and no further details about the account or the account holder are asked. Taking advantage of this process, Anwesh would steal the debit cards of the targets, when he visited them while seeing the flats for share, and would call the phone banking service of the particular bank from the victim's mobile and reset the pin number through IVRS process. Later, he would create a new pin number and withdraw the amount from the accounts.
When he was working as a event manager in the city a few years ago, he had an account in one of these banks and learned about this loophole from experience and began to use it as a means of scamming others.
It was found that these loopholes are present only with two reputed private banks, while other private and public sector banks have a much more secure process in place to reset debit card pin numbers. We are writing to the two banks to alert them about this loophole, so that they can upgrade the security features for the safety of their customers.
