- Date : 20/02/2019
- Read: 2 mins
The modus operandi of the fraud relies on access to a victim’s bank account through the UPI platform and other banking apps
On 14th February, the cybersecurity and IT examination cell of the Reserve Bank of India (RBI) alerted banks of a potential tactic used by fraudsters to gain remote access to a victim’s bank account and carry out transactions.
The modus operandi of the fraud relies on access to a victim’s account through the UPI platform – specifically, via an app called ‘AnyDesk’.
How the fraud takes place
Fraudsters lure victims to download the AnyDesk app from the Play store or App store. On downloading this to the phone, a nine-digit code is generated. Simultaneously, the user is asked to grant certain permissions, a common practice with most apps.
If this nine-digit access code is shared with any third party, a hacker can gain remote control over the user’s device and personal information, and use that against the victim to wipe out their bank account through payment apps available on the phone.
The RBI, which issued a similar alert last month, has re-issued a cautionary circular in the wake of a rising number of incidents coming to light. The fraud is not limited to just the AnyDesk app; it can be replicated through other apps as well, compromising security in the digital payment ecosystem.
So, this leaves not just the UPI platform but also netbanking platforms and e-wallets vulnerable to potential fraud.
Lot of money at stake
The RBI has shown concern over the possibility of thousands of crores of retail consumers’ funds being jeopardised through digital platforms.
Digital transactions have been steadily rising in the country, with the government-backed UPI platform growing by 8.47%, from 620 million transactions in December 2018 to 673 million in January 2019, valued at Rs 10,900 crore.
Banks have already started sending alerts to consumers to be on guard against possible fraud. Consumers should never share any kind of access codes or OTPs with anyone, be fully aware and absolutely sure of the apps downloaded on their phones, and conduct regular malware security checks to keep all personal and financial information safe.
Are you aware of these countries which have moved to digital payments? Have a look and enjoy reading it.