Fraudsters Steal Money From Bank A/C Without OTP, Phone Call: Find Out How?

A recent case in Purnia, Bihar, highlighted a new strategy where a person’s account was duped without using an OTP, phone call, or other known methods. Standard methods of making use of One-time passwords (OTPs) and making deceptive phone calls to steal money have given way to new forms of cyber scam.

Bihar Police Bust Aadhaar Fraud: Land Record Hack Used to Steal Biometric Data & Money via AePS

In this occasion, cybercriminals used the victim’s Aadhaar biometric data, acquired from government land records, to make transactions via the Aadhaar Enabled Payment System (AePS). Bihar police revealed the fraud in a press conference, with Haryana IPS officer Pankaj Jain sharing the details on X (formerly Twitter).

The victim’s land documents, dated June 25, 2024, by hacking into a government database, explained the police. The Scammers then extracted the victim’s Aadhaar details and fingerprint from these records. By making use of Aadhaar details and cloned thumb impression, the criminal withdrew money from the victim’s bank account through AePS, which does not need any OTP for transactions. 

Eight individuals have been arrested in connection with the case. This group has been regularly cheating people without using regular methods like OTPs or fake calls. The investigation is going on, and authorities are searching for more suspects.

Securing Your Aadhaar: Beyond Fingerprints for AePS Transactions

By making use of Aadhaar credentials and fingerprint verification, which is useful in areas with poor or no internet connectivity, the AePS allows Aadhaar cardholders to make transactions. However, this method causes a threat since fingerprints can be illegally acquired and replicated by scammers. 

Aadhaar numbers should be hided, and a virtual ID should be used for online transactions, to avoid AePS scam. This virtual ID can be generated on the UIDAI website. In Addition, individuals should make sure their phone number and email address are linked to their Aadhaar to receive alerts for any doubtful activity. Victims of AePS cyber fraud are encouraged to report the incident on the National Cybercrime Reporting Portal.