Phishing Attacks: Their Types & How to Prevent Them?

Therefore, the Government of India has taken the initiative by setting up a digital platform i.e., National Cyber Crime Portal. This portal is used for reporting cyber crime online in India. It was launched on pilot basis on 30^th August 2019. This portal focuses on reporting of cyber crimes against women, children and financial frauds. Complaints lodged on the portal are taken care of by the authorized law enforcement agency.

Why is there a need for a National Cyber Crime Portal?

Well, the foremost purpose is to offer flexibility to the victims to report crimes directly online and without the hassle of going to police station to report the crime with cyber cell. To report cyber crime in India, the victim needs to fill a complaint form with all the necessary details to pursue investigation and is acted upon swiftly. The Cyber Crime Portal has two sections:

1. One for crimes against women and children.
2. Other, which deals with online and social media frauds.

There is also a provision on the portal to report the crime anonymously. If you want rapid action from authorities, details that you share on the portal need to be complete and accurate. Additionally, there is a ‘check status’ feature that allows you to track your complaint status.

Step-by-Step process to report cyber crime on the Cyber Crime Portal

Reporting of the crime portal can be done in two ways:

1. Calling on the helpline number 155260. This number is reachable from 9:00 AM to 6:00 PM.
2. Directly on the official website https://cybercrime.gov.in

Here we are detailing the procedure to file the complaint on the portal. Before we take you to the "how to report cybercrime online" guide, one thing that you solely need to keep in mind is that there are several fake URLs with UI similar to that of official website. Beware of such websites.

1. Visit the Official Website of the National Cyber Crime Portal

2. Hover on the ‘menu’ section and you will be able to locate two available options.

   1. Report Women/Child-Related Crime.

   2. Report Other Cyber Crime

Depending on the trait of a crime you are reporting, choose the viable option.

3. To report a case of online fraud, go to page ‘Report Other Cyber Crime’ and click ‘File a Complaint’ Link.

4. This will redirect you to the ‘Terms and Conditions’ Page wherein you need to accept the terms by clicking on ‘I Accept’ in order to proceed to the login page.

5. For login, you will need to specify your username, State, mobile number, etc. You will be prompted for OTP on your phone.

6. Post-authentication from Captcha, the complaint registration form will fly-in. You will need to enter all the details related to the crime including date, time and location of the incident, details of the incident and supporting evidence. Finally, hit ‘Submit’ and you are done.

7. You will receive the Complaint ID on your registered mobile number and email. You need to keep this noted for future reference.

8. Also, download the pdf version of the complaint for your record.

Check the Status of your Cybercrime Complaint

After you have successfully filed a complaint, you need to follow the steps to track the latest status of your complaint.

1. Login to the official Crime Portal.
2. Click on ‘Check Status’
3. You need to enter the Complaint ID. Alternatively, you can also look up from ‘Request Date’
4. Now track your cyber crime report status easily.

Summary

The National Cyber Crime Control has in a major way made it easier for reporting cases as they happen. This is a great initiative by MHA and is still continuing to serve many victims in the process. You can use a cyber fraud alert system or online fraud protection app that can protect you against cyber attacks. 

If you still have any queries on how to report cyber crime online in India, feel free to contact us.

The speed and scale of UPI that carries today is beyond imagination. As per National Payments Corporation of India (NPCI) – the government body that introduced UPI system in April 2016, 220 banks in India were actively using the UPI platform in April 2021. And there were over 2.7 billion transactions amounting to more than Rs. 5 lakh crores in March 2021.

UPI is the stepping stone of the current economy and speaking of security, it needs to be airtight. UPI transactions have hit high and not too much to our surprise, it is has become one of the most preferred methods to conduct payments. This has brought unwarranted attention of fraudsters too.

We all have seen the trail when it comes to online banking fraud, and it was very recent when HDFC Bank issued a warning for all its users. The alert made a noise, a loud one, mentioning fraudsters stealing money from the bank account of other users via UPI.

The exact number of UPI fraud cases in India is not available. The scale of the problem can be known from the disclosure by risk and fraud management division of Paytm in a national daily that it receives around 1300 payment related complaints daily – that’s half a million complaints annually from Paytm alone.

To understand the ways to protect ourselves from UPI frauds, it is important to be aware of the possible ways in which UPI Frauds are conducted.

Types of UPI Frauds in India

Staying vigilant is extremely crucial and you need to be aware of different kinds of UPI frauds in India that are happening around you. Some of the prominent ones linked to UPI Scamming are mentioned below: -

1. Phishing UPI Scams

This is one of the most common occurring UPI payment frauds in India. Fraudsters do a pretty good job by sending unauthorized links for payments through text messages, emails, etc. You are very likely to be mistaken when these fake bank URLs twin with the original ones.

Now, once these links are clicked, you will end up on a fake website. If you enter your UPI id and PIN to make the payment, these can be misused by fraudsters to steal money from your account using your UPI details.

In some cases, these fraud URLs may also induce malwares/ spyware on your phone to get your financial information.

2. Deceptive UPI handles

Scammers take advantage of the popular UPI handles that are in public domain and people are using to transfer money. They make similar looking UPI ids and circulate them widely on social media. Users may fall into this trap and end up transferring money into these fake UPI accounts.

Recent example of such malpractice is from 2020 Covid-19 induced lockdown in India. During this time, lot of people wanted to donate money to PM Care – a Government of India initiative, but there were many fake UPI ids doing rounds on social media. Several people lost their money. SBI bank also issued advisory on social media to warn public of such fake UPI handles.

3. Screen Monitoring Tools

Well, Work from home is the new mandate now. Screen Monitoring Tools such as AnyDesk, TeamViewer are nowadays a compulsory requirement which can easily be connected to your working device through internet.

Fraudsters are exploiting this moment. They call users and deceive them by posing as representatives from banks or other service providers. If users don’t have screen monitoring tools, they are asked to download these apps on their phones on pretext of resolving some issues or customer verification/ KYC. Once installed on your phone, these apps can grant fraudsters full access to your phone. They can read all your passwords, OTP messages and use them to make unauthorized transactions.

4. UPI Payment Requests

UPI users know that to pay using an UPI app, user has to enter UPI PIN and to receive money they are not required to enter any PIN. But fraudsters promising to pay user share 'send money' request in disguise of a 'collect money' request and fool users into entering their UPI PIN which deducts money from their accounts.

This UPI fraud has been common on e-commerce websites such as OLX where people list their products to sell. Fraudsters contact users posing as a buyer and accept to buy the products unconditionally by paying through UPI. Users are deceived into entering UPI PIN to receive money but they end up losing money. Make sure you also read the advisory by OLX to spot a fraud buyer.

How to file UPI Payment Fraud complaint in India?

As soon as you have become a victim of an unauthorized UPI payment fraud, here is what you need to do.

1. Directly file a complaint with your bank
   • Inform your bank about the fraudulent transaction by calling the customer care. Make sure to note the complaint number.
   • If calling doesn’t work, you can send an email or written letter to your bank branch manager.
2. Reach out to your UPI payment platform
   • Register a complaint with your payment platforms such as Google Pay, PhonePe, Paytm, etc. by calling their customer care.
3. Complaint to cyber crime police
   • Call on National Cyber Crime Helpline 155260 within 2 hours of the UPI payment fraud.
   • After more than 2 hours of the fraud, log a complaint on National Cyber Crime Reporting Portal. Enter all the details about the fraud. Investigating agency will look into this matter and try to recover your money. For more information read How to Report Cyber Crime online in India. 
   • You can also file an FIR directly at the nearest cyber police station.

How to prevent UPI Payment Frauds?

Some of the common ways to protect yourself from UPI Frauds are: -

• Keep distance from fraudsters – Don’t engage yourself with fraudsters. Banks and service providers will never call you to ask for your sensitive information. It’s a red flag in case you receive a call from the bank asking you for personal details/ OTP/ PIN or getting you to download some app.
• Remember when to use PIN – Always remember that you need to enter UPI PIN only to send money. To receive money, you don’t have to enter any PIN.
• Spam warnings on UPI App – Google Pay and PhonePe give spam warnings to users when they detect a suspicious account. Keeping an eye out for such accounts and do not entertain any payment requests or messages from them.
• Big ‘NO’ to unsecured public Wi-Fi – Using unsecured public Wi-Fi is never a good idea. Hackers look for a chance to steal the necessary details out of your device when you are connected to the Wi-Fi. To know more about this menace, read How Public Wi-Fi is endangering your private life
• Unauthentic e-mails are not welcome –The most common way to trick users to download Malware and obtain information is done via E-mails. Therefore, it is a good idea to always scan your e-mails for any sort of viruses.
• Using tools to detect fraudulent attempts – Cybersecurity tools for your phone such as FinLock is a great option for protection against UPI Frauds. FinLock detects ‘collect’ UPI Payment requests that you receive through QR Codes and alerts you so that you don’t fall into the trap of scammers who will tell you that you will receive money from this transaction.

Final Words

UPI-related frauds have become very eminent in the digital world where we have to rely on a fast mode of financial transaction. Beware, be conscious and most importantly, be ‘alert’ because these frauds are silent. They just attack you and keeping yourself safe by following the right guidelines is the only way that secures you and your credibility.

SIM swap scams are one of the newer forms of online frauds that are taking over the world of online banking, with a number of high-profile hacks being done to gain access to the personal data of well-known individuals through an elaborate scam. It came into focus after the infamous hacking of Twitter CEO Jack Dorsey's Twitter account in 2019 through SIM Swap. Several major cases have followed, ranging from accessing online social accounts to losing millions of dollars through a SIM swap fraud in recent years. India has also seen an exponential rise in these scams, with people losing millions of rupees through these scams.

How does SIM swap attack affect you?

A SIM swap or simjacking is a fraud that basically involves a scammer gathering personal information about you often through social engineering or phishing and then getting in touch with your mobile carrier to report your SIM card as stolen.

In another technique, scammer may call you posing as a telecom representative and offer you to upgrade your 3G SIM to 4G or to upgrade your SIM to an eSIM. This would require you to send an SMS request to telecom operator. You will be deceived into initiating this SIM change request from your phone.

These techniques allow the scammer to obtain a new SIM card with your telephone number using the personal data that they stole from you previously. With your phone number in their hands, they can now gain access to all your financial data, including OTPs and password resets, and can also easily transfer funds from your bank into their own account. The worst part about this is that they can carry out every step of the SIM swap scam without even sounding any alarms. On activation of the new SIM, your phone will stop working and you will not be aware of any transactions made by the scammers in your bank accounts.

Signs that you might be a victim of a SIM card swap fraud

1. Unable to place calls or send texts: - If you are suddenly expressing difficulty in placing calls or sending texts, chances are that fraudsters might have deactivated your SIM and currently have access to your phone number.
2. Service provider warning: - If your telecom provider notifies you that your SIM card or phone number is active in another device or that they have received a request to replace/upgrade SIM, there is a chance that you have fallen victim to a SIM swap attack.
3. Unable to access accounts: - If log-in credentials on your bank or other online accounts have suddenly stopped working, fraudsters may have changed your passwords and gained access to your accounts through a SIM swap attack.

What to do in case of a SIM Swap fraud?

1. Contact Telecom operator: - Immediately contact your telecom operator and block your SIM to prevent fraudster from making any new transactions.
2. Inform your bank: - Inform your bank about your SIM swap attack and check recent transactions. Report if those transactions are not made by you. You can also block your cards, accounts to prevent any transactions.
3. Complaint to Cyber cell: - Within 2 hours of discovery of fraud, you can call helpline 155260. After 2 hours, you can file the complaint on National Cyber Crime Reporting Portal. You can also report to your local cyber cell.

How can you prevent SIM Swap attacks?

There are multiple ways through which you can protect yourself from falling victim to a SIM swap fraud.

1. Awareness: - Be aware about sharing personal information with other parties and avoid making your personal phone number public in online communities.
2. Online behaviour: - Be wary of phishing emails and fraudulent text messages or calls as they can source personal data about you by posing as a member of a prominent organisation.
3. Bank and carrier alerts: -Keep track of alerts sent by your bank or mobile carrier as they can help you identify if your phone number and/or bank account has been compromised by a scam.
4. Mobile network: - Losing mobile signal on your device is one of the first warning signs of a possible SIM swap attack. Pay attention to the carrier signal and other text alerts by your service provider that can alert you about a recent SIM swap on your phone number.
5. Diversifying security options: - Avoid keeping your phone number as the sole recovery option for your online accounts and try using a separate email account that is not linked to your phone number to make it harder for a scammer to gain access to all your online accounts through a single SIM card swap.
6. Authentication apps: - Try using dedicated authentication apps by Google or Microsoft that provide you with two-factor authentication without forcing you to rely on your phone number and OTPs to gain access to your accounts.
7. Security apps: - Experts agree that one of the best ways to protect yourself from online frauds like SIM card swaps is by utilising an advanced security app like FinLock that can help you protect your personal and financial information and secure you against falling victim to multiple online scams and frauds. It also alerts you in case a request has been made from your phone to upgrade or change your SIM.

Conclusion

Rising number of online frauds like SIM card swaps has been affecting the lives of thousands of innocent people on a regular basis. The best way to protect yourself while enjoying the growing digitisation of banking services in countries like India is to be aware and take all the preventive steps to safeguard your online identity.