Fraudsters Robbing Bank Customers By Fake Toll Free Numbers! RBI Issues Warning

RBI issues a cautionary notice, informing banks and their customers about a new kind of social engineering fraud involving phone numbers.
RBI issues a cautionary notice, informing banks and their customers about a new kind of social engineering fraud involving phone numbers.

With workspaces shifting to online platforms and work from home becoming the highlight of the current financial year, the volume of cybercrime activities conducted between January to December 2020 have recorded over 242% spur.

We have been keeping you thoroughly updated of all the different kinds of online fraud going on amidst this new kind of normal.

Now, the country’s banking regulator, the Reserve Bank of India has issued a cautionary notice, notifying banks and in-turn their customers, to beware of a new kind of fraud involving phone numbers similar to legit sources, like banks and other financial institutions.

Let’s learn more about this.

New ‘Non-Technical’ Fraud Involving Phone Numbers

The RBI’s Department of Supervision has issued a notice, regarding a new fraud which involves phone numbers that appear like official numbers from credible sources.

The notice informs that a social engineering fraud is in circulation, which is using phone numbers which look like toll free numbers of banks.

A social engineering fraud is a non-technical strategy used by cyber attackers, which target human interaction, by tricking people into breaking standard security practices, which lead to these attackers gaining access to confidential information.

In this case, the RBI received inputs from some reliable cases, depicting a new modus operandi of social engineering frauds, making use of mobile numbers resembling a Supervised Entity’s (SE) Toll Free number.

These fraudsters registered such fake SE numbers in the name of that SE on caller identification mobile apps, like Truecaller.

How are these Fraudsters Duping People?

As mentioned above, by using fake ‘look-alike’ numbers legitimate businesses’ and banks’ toll free numbers, these cyber attackers are tricking people into providing them with their confidential account details.

For instance, consider a legitimate SE’s toll free number 1800 123 1234. The fraudsters will obtain a similar looking number like 800 123 1234, and register it on the caller identification application like Truecaller, as the official toll free number of that SE.

On calling the victim using this slightly tweaked number, the unsuspecting receiver cannot easily distinguish this number from the actual toll free number, as Truecaller’s pop up too adds on to the layer of confidence in the receiver’s impression, on the flashing (fake) number.

The fraudster then lures the victim into providing his/her sensitive information, like card details, username or OTP, among others, thereby getting access to the  victim’s account and making unsolicited transactions.

Comments are closed, but trackbacks and pingbacks are open.

who's online