Skip to main content

Bank fraud Awareness : Be careful about ATM card fraud , Debit card fraud , Credit card fraud

Awareness is necessity

" Be careful whenever you are sharing personal details on the Internet."

"Be careful whenever you are giving permission 'Allow' to applications during installation in your mobile."



As a Cyber volunteer, I have analyzed some case studies of these kinds of frauds.
Let me share one case study with you !!

One person was getting messages continuously in his mobile regarding OTP ( One Time Password). These OTPs automatically shared with someone else by any third-party application installed on his mobile. That someone else can be considered as cybercriminal in this case. And suddenly, money gets debited from his account, and after 7-8 transaction messages, his account statement was empty.

Here are some messages received by the victim.
  • The secret OTP for online purchase is 222343 on card ending XXXX. Valid till HH:MM:SS. Do not share OTP for security reason.
  • Rs. 9999 is Debited to A/c...XXXX on dd-mm-yy HH:MM:SS( Avlbl Bal Rs XXXXX) At POST TID-XXXXXXXXXX,ref-XXXXXXXXXXXX. TollFree XXXXXXXXXXX(24X7).
  • The secret OTP for online purchase is 110109 on card ending XXXX. Valid till HH:MM:SS. Do not share OTP for security reason.
  • Rs. 999 is Debited to A/c...XXXX on dd-mm-yy HH:MM:SS( Avlbl Bal Rs XXXXX) At POST TID-XXXXXXXXXX,ref-XXXXXXXXXXXX. TollFree XXXXXXXXXXX(24X7).

Now the question is, how this happens?


What kind of mistake is done by the victim?


There was one third party payment application in the victim's mobile, and during installation, he gave a text message read permission 'allow.'

We can get a refund within 24 hours in the past years, but cybercriminals became very active nowadays. They use smart ideas such as asking for the wallet to wallet transfer from the victim and then immediately transfer money in bank accounts. It is hard to reach them. Almost all cybercriminals use holidays to execute this kind of online fraud. Because during holidays, banks are closed, and sometimes we can not contact banks by helpline numbers. And your one mistake can spoil your holidays.


" There are several ways by which cybercriminals can reach you. In technical terms, its called 'Social Engineering.'
  1. By Text
  2. By Phone-Calls
  3. By E-mail

Whenever you receive such suspicious calls or messages or e-mails, don't trust these kinds of stuff.

What steps should be taken when bank fraud occur?

  1. Contact cyber cell nearest you or Local crime branch and register a complaint.
  2. The victim should go to the bank and fill up the dispute form within three days. It is very important.

Here I am sharing some useful and essential information.

  1. If any credit card related fraud occurs and you have insurance, there are 100% refund chances.
  2. If you have used net banking or any bank to bank transactions happen in which bank on both the side is same, then the transaction can be stopped by the authorities, and money can be refunded.
  3. In some cases, mistake is made by the bank. Sometime it happens that you are not sharing OTP; still, money is debited from your account; in this case, customers should go to the bank and fill up a dispute form within three days.
  4. When any debit card fraud occurs, there are minimal chances of refund money. So be careful before entering your debit card details on the internet.
  5. When a customer shares any OTP to any fraudster, it is not the bank's responsibility, so we can not blame bank.
Labels:

Comments

  1. Bharuch Cyber cell11 September 2020 at 18:01

    Good information

    ReplyDelete
  2. Aman Dobariya12 September 2020 at 09:00

    Very nicely explained and very useful for common people who don't know about such information

    ReplyDelete
  3. thejadeja12 September 2020 at 10:16

    Great information. Very useful in these times where cybercrime is the prime way for fraud activities.

    ReplyDelete

Post a Comment

Please do not enter any spam link here.

Popular posts from this blog

How to Pass CompTIA Security+ SY0-701 in 2 Months (839 Score Breakdown + Resources)

How I Scored 839/900 on CompTIA Security+ SY0-701 — 2-Month Prep Strategy That Actually Worked Score: 839/900  |  Exam: CompTIA Security+ SY0-701  |  Prep Time: 2 Months  |  Total Questions: 76 (including 3 PBQs) I'm not going to sugarcoat it — CompTIA Security+ is not easy, but it is very passable with the right strategy. I cleared it with an 839 out of 900, and in this post I'll share exactly how I did it, domain by domain, so you can replicate the approach without wasting time. My 2-Month Study Plan Month 1 — Domain-by-domain study: Read, take notes, and build comparison tables and mnemonics for tricky concepts. Month 2 — Heavy practice testing: Full focus on practice tests and PBQ simulations. Time management drills every session. The biggest mistake people make is spending 90% of their time reading and only 10% practicing. I flipped that in month 2 — and it made all the difference. Domain 1 — General Security Concepts What to focu...
Post a Comment
Read more

Splunk in Plain English — A Practical SOC Guide

Imagine you are a detective, and every device on your network — servers, laptops, firewalls, cloud systems — is leaving footprints everywhere. The problem is there are millions of footprints every single day, scattered across thousands of different files. Your job is to find the one set of footprints that does not belong. That is exactly the problem Splunk solves. It is the platform that collects every footprint from every device, puts them in one place, and gives you the tools to find the suspicious ones — fast. In this blog, I will take you through Splunk from absolute scratch — what it is, how it works under the hood, how to write SPL queries like a pro, how to build dashboards and alerts, how to set up a SOC lab, and most importantly, the interview questions you will definitely face if you are going for a SOC analyst role. I have completed the TryHackMe Advanced Splunk rooms including SPL exploration, SOC lab setup, dashboards and reports, data manipula...
Post a Comment
Read more

Master Kubernetes: Architecture, Commands, and Real-World Applications

Kubernetes Basics for DevOps & DevSecOps Kubernetes Basics for DevSecOps 1. Introduction to Kubernetes In the early days of deploying applications, we used to run them directly on physical servers. This approach was inflexible and inefficient — if one application needed more resources, it could starve others. Virtual machines (VMs) improved this by isolating workloads, but they were heavy and took time to provision. Then came containers. Containers are lightweight, portable, and can run anywhere — your laptop, a server in the cloud, or even a Raspberry Pi. But managing containers at scale quickly becomes a nightmare. Imagine you have 500 containers — how do you start them, stop them, update them, and ensure they recover from failures automatically? Enter Kubernetes — an open-source container orchestration platform that automates deployment, scaling, and management of containerized applications. It was originally developed by Google and i...
Post a Comment
Read more

Every SOC Analyst Must Know These Windows Event IDs — Here's Why

Imagine you are the security guard of a massive office building. Every time someone enters, leaves, opens a cabinet, or tries to break in — it gets recorded in a logbook. Now imagine if that logbook could automatically tell you when something suspicious happened. That is exactly what Windows Event Logs are — the logbook of your Windows system, and for a SOC analyst, it is the single most important source of truth. In this blog, we will break down Windows Event Logs from scratch — what they are, how to read them, how to query them like a pro using PowerShell, and most importantly, which Event IDs you must memorize for your SOC analyst interview. Let's dive in. 1. What Are Windows Event Logs? Windows Event Logs are records that Windows automatically creates whenever something significant happens on the system — a user logs in, a service crashes, a file is accessed, an audit policy changes, a script runs. Think...
Post a Comment
Read more

Exploiting and Securing GitLab: Lessons from a TryHackMe Lab

Perimeter security isn’t enough—because sometimes the threat is already inside. In this blog post, I’m sharing what I learned from a hands-on TryHackMe lab on GitLab security . It revealed how a simple internal misconfiguration—like open registration or overly permissive repo access—can lead to major data exposure inside an organization. I’ll walk you through the red team perspective on exploiting a misconfigured GitLab instance , and then flip the script to explain how you can secure your own internal build systems . Scenario: Inside the Walls of a Large Organization Think of a large organization—like a bank—with thousands of employees and multiple teams handling development, IT operations, and security. To keep intellectual property (IP) secure, these organizations often host self-managed GitLab instances on their internal network. But here’s where things can go wrong: GitLab is hosted internally Allows anyone on the internal network to register Has some projects...
Post a Comment
Read more

Docker 101: Understanding Containers from Scratch

Docker Basics and Docker Compose Explained Docker Through My Lens Introduction to Docker Docker is a platform designed to create, deploy, and run applications inside containers. Containers bundle an application with all its dependencies, ensuring consistency across different environments. Unlike virtual machines, containers are lightweight and share the host operating system kernel, making them efficient for development, testing, and deployment. Basic Docker Commands To start using Docker, here are some essential commands: docker run [image] – Runs a container from the specified image. docker ps – Lists running containers. docker ps -a – Lists all containers, including stopped ones. docker stop [container_id] – Stops a running container. docker rm [container_id] – Removes a container. docker images – Lists available Docker images. docker rmi [image_id] – Removes a Docker image. Creating Your First Docker Container You can run ...
Post a Comment
Read more