RBI spots fraud that wipes out a customer’s bank balance via UPI, alarm sounded
Fraudsters get victims to download the AnyDesk app, which gives them remote access to the mobile. After that, all your OTPs are theirs too.
The Reserve Bank of India has warned banks of an emerging digital banking fraud that can wipe out a customer’s bank balance by using the Unified Payment Interface (UPI) route.
The modus operandi is simple: fraudsters get victims to download an app called AnyDesk. Hackers get remote access to the mobile through a nine-digit code generated on the victim’s device. “Once a fraudster inserts this app code on his device, he will ask the victim to grant certain permissions, which are similar which are similar to what are required while using other apps,” RBI said in an advisory.
This enables the imposter to gain access to the victim’s device and carry out transaction fraudulently. The modus operandi, according to RBI, can be used to carry out transactions through any mobile banking app or payment-related apps, including UPI or wallets.
The central bank has sent an advisory to all commercial banks as the magnitude of the threat could well jeopardize thousands of crores of rupees in the accounts of retail customers, two people with direct knowledge of the matter told ET Magazine.
“We have already started issuing alerts to our customers as the regulator has expressed concern over such new ways of digital frauds,” said a senior bank executive, who did not wish to be identified. This is also relevant to customers transacting on various e-commerce platforms, the person added.
Guys today when everything is online, I just want to say that read twice before you accept any Permissions. Stay safe. Any thoughts or doubts do share with us. Share with us. For the fastest tech updates follow us on Facebook & Twitter. Stay Connected.