“Members of public are hereby cautioned not to share account login details, personal information, copies of KYC (Know Your Customer) documents, card information, PIN, password, OTP, etc. with unidentified persons or agencies,” the Reserve Bank of India (RBI) warned in a press release. It also directed users to not share details through unauthorised websites or applications.
The customers must immediately inform their bank branch in case they receive such a request, the statement added.
Online scams and ATM frauds constitute a major chunk of cyber crimes as digital banking makes swift inroads in our lives. The Parliament in February this year said that over 2.9 lakh cyber security incidents related to digital banking were reported in 2020. With KYC becoming the norm to access banking services, many cyber criminals are looking to exploit this mechanism to dupe unsuspecting customers, who are not well-versed with technology incidentally, into revealing their confidential information like OTP and bank account details. Victims have no hope for redressal in such cases as red tape ensures the process drags on for months if not years.
What kind of complaints has RBI been receiving?
The central bank said that it is seeing an increase in complaints about frauds being perpetrated under the guise of updating KYC.
“The usual modus operandi in such cases include receipt of unsolicited communication, such as calls, SMS, emails, etc., by a customer urging them to share certain personal details, account login details, card information, PIN, OTP, etc. or install some unverified application for KYC updation using a link provided in the communication,” the bank explained.
The scammers often lace their requests with threats of closure of bank accounts. It leads to the customer sharing information with the fraudsters who then defraud the customers which can inflict significant financial losses upon victims.
A few instances of fraud committed in the name of KYC
- A sexagenarian couple was duped for Rs 19 lakh after they received an SMS stating that their SBI account will be suspended due to wrong KYC details with the bank. The couple believed the link to be genuine because they had submitted their KYC documents for verification earlier in the day. A district consumer court asked the bank to compensate the couple in its verdict.
- A 58-year-old man was duped for Rs 2.97 lakh by a fraudster who impersonated a Vi executive and asked him to install a remote mobile application under the pretext of updating his KYC form, Indian express reported.
- A 65-year-old woman lost Rs 5 lakh to a cyber fraudster who tricked her into disclosing her bank details pretending to update her KYC form. The culprit allegedly impersonated an executive from the victim’s mobile network service provider, Indian Express said.
- A man lost more than Rs 1 lakh in West Bengal’s Lalbazar after criminals cloned his phone. The money was siphoned after the victim clicked a link and transferred Rs 13.90 for KYC, News18 said in its report.
- RBI relaxes Know-Your-Customer norms, allows full conversion of limited KYC accounts
- Millions of card and KYC details leaked from MobiKwik up for sale
- Government admits to some of the banking frauds through Aadhaar linkage
- Government Sets Up Digital Intelligence Unit To Monitor Fraudulent Transactions
- OTP Scam: SBI Directed To Undo Rs 18 Lakh Unauthorised Transaction From Couple’s Account
Have something to add? Post your comment and gift someone a MediaNama subscription.