“Dear SBI User, Your SBI Account Will Be Blocked Today. Please Update Your PAN Card Immediately. Click Here.”
Like many cyber victims, Delhi’s Komal (name changed) was also perplexed after receiving this warning message on her mobile. As soon as a panic-stricken Komal clicked on the link, it took her to a webpage, where she followed the instructions asking her to feed in her details.
After following the process, she entered the OTP which she received on her phone to complete the PAN and mobile link process. However, within minutes, Rs 40,000 was deducted from her account. It was at this moment that she realised that she had been duped by cyber cheats and there was nothing wrong with her bank account. Though Komal, who works with an MNC, registered a police complaint, she never got back her hard-earned money.
As the cyber fraudsters keep pace with the digital transformation being witnessed in the country, they send messages of blocking bank accounts or snapping power connection at houses, offices and stores, besides luring people on the pretext of extra earnings or discounts on online shopping. These types of cyber attacks are called phishing/smishing attacks, and not only the SBI, but every other banking, financial and other application customers can fall prey to it.
According to government data, more than nine lakh incidents of phishing and vishing have been reported in the last two years and customers have collectively lost nearly Rs 1,500 crore due to such incidents between April 1, 2020, and March 31, 2022.
A senior police officer said that a new modus operandi has been noticed in the field of cyber crime, wherein the fraudsters send random messages to people, stating things like ‘update your PAN card or your bank account will be blocked’, among others. A similar modus operandi is used in the messages sent regarding power bills. The message states that the electricity bill has not been updated in the system and by tonight power supply will be disconnected.
“If someone clicks on the link, the scammers will transfer the amount from the victim’s account to the fake/fraudulently obtained account using the remote access software,” the officer said.
In bank SMS scams, the cyber thugs often send fake messages impersonating banks and ask you for personal information such as account details, OTP, and identification numbers. “The fraudsters will send phishing links and ask you to follow instructions and share OTP to avoid any bank account closure or link cards like PAN with mobile. After luring the victim, the scammers will get remote access to your mobile or will access your bank account and steal money from your account,” said the official.
It is pertinent to mention here that legitimate banks will never request this information through an unsolicited message. If phishing fails, the cyber frauds use vishing in which they trick people into doing things they believe are in their best interests.
During a vishing phone call, a scammer uses social engineering to get you to share personal information and financial details, such as account numbers and passwords. The scammer might say your account has been compromised, claim to represent your bank or law enforcement agencies, or offer to help you to install software.