KYC Fraud on Phone Call - How to Prevent Vishing?
Fraudsters never fail to surprise the world of security with just how sophisticated their actions can turn to trick vulnerable people into giving their confidential data or transferring money.
This is reflected in the incident of Jamtara, the eastern village in Jharkhand’s hinterland that became digital India’s hidden criminal society. The area that was once infamous for petty crimes has gained headlines due to the rising cyber-crime crimes. The gang active in the region, under the name Jamtara, has defrauded thousands of people across India, taking advantage of people’s ignorance of basic banking security rules.
The gang embezzles this vulnerability and masquerades as bank executives, or managers to extract confidential details of users such as their ID, password, and Aadhaar card number, under the fake pretext of updating KYC. They raise the urgency of the situation by alarming bank users that their accounts would become inoperable to gain the login id and swindle or even empty the accounts before the user realizes.
Jamtara is amongst the chain of cyber-crime gangs actively operating in different parts of India, who feed on the misinformation and unawareness of banking rules, mostly in smaller regions and amongst senior citizens. They call these targets for fake KYC updates, only to steal their personal details and make them transfer funds by causing a sense of urgency.
These crimes often termed ‘Vishing’, or ‘Voice Vishing’ involve tech-savvy social engineering tactics to convince targets to give up private information, despite knowing it might go haywire.
What is Vishing and how does it work?
When a scammer does a Vishing call, they are most likely to use their social engineering skills to trick you into sharing your personal & confidential information, including bank account passwords, and credit card details. financial data etc. The fraudsters would masquerade as executives of your bank or service providers and say that if you do not update your KYC immediately, then your account would be closed. Further, they raise an urgency by telling you to click on the link they provide or installing an app they would share, or in some cases ask for your bank account details to update KYC on your behalf.
The ones who fall into the trap, end up losing their confidential data and sometimes an empty account.
Vishing, another form of phishing on a call, also comes from a source that seems legitimate but is far from what it might seem. The goal of Vishing also remains the same as phishing- to steal your confidential information and your money.
Moreover, it has become quite easy to contact and scam people. Sophisticated scammers place hundreds of calls simultaneously, using voice over internet protocol (VoIP) technology. This enables the fraudsters to spoof the caller ID of users and make the call appear to come from a trusted source.
How to spot a vishing scam?
Below are some of the common tell-tale signs of a Vishing scam:
- The scammer who calls claims to represent your bank or service provider as a manager or customer care executive. However, unless you request contact with your registered bank relationship manager, you would not receive a call asking for your personal financial information. Therefore, if you receive such a call, the best way to spot a scam is to stay sceptical of anyone who calls you with such an offer.
- There is a frantic sense of urgency. The sense of fear is what scammers use to tap into your vulnerability to extract personal details.
- The caller asks for your information. The moment a person gives you a phone call, pretending to be a bank executive or manager, asking you for your confidential information, that’s the moment clarifying the call is not legit, and there is something fishy about the caller.
What are the suggested ways to avert Vishing?
Besides understanding how vishing works and looking for red flags, you can follow the below tips:
- The very moment you suspect the caller is trying to trap you in a vishing scam, do not feel obliged to continue with the conversation. Hang up the call and block the number, easy and effective steps.
- While on call, if you mistakenly continue the conversation and the caller asks you to respond to questions or press buttons, do not respond and hang up, rather than navigate through the instructions.
- If the caller provides you with a call-back number, it most probably is to trick you into their scam, so do not use it, instead, do your own investigation of the company details as provided and call the parent organization to confirm.
Moreover, if you already have provided your personal information or financial details to the suspect pretending to be a bank executive, who most likely is a scammer, then immediately call your bank about the matter. Ask your bank to block your account over a likely scam and block future transactions unless otherwise notified. You can also report this to National Cyber Crime Portal through helpline number 1930 and they will intervene to block the transaction from happening.
In order to prevent these types of scams from happening, you may take the assistance of India’s first online fraud protection app - Finlock
How does Finlock assist in averting Vishing?
To assist in a safe and secured digital journey, Finlock offers an AI-powered online fraud protection solution. Finlock detects and alerts its users 24/7, of any suspicious attempts, including KYC fraud on call. This best-in-class app provides real-time alerts against fraud. It also provides a transaction summary to spot any suspicious activity in your bank account or cards. Its 24/7 live support guides you with the reporting queries. Finlock also offers stolen funds reimbursement of up to ₹5 lakh in the event of online fraud.
Finlock with its smart security against online frauds identifies to build a cyber-safe future for digital India. It provides end-to-end protection from online frauds, by alerting users and guiding them through post-fraud steps.