Skip to main content

Bank fraud Awareness : Be careful about ATM card fraud , Debit card fraud , Credit card fraud

Awareness is necessity

" Be careful whenever you are sharing personal details on the Internet."

"Be careful whenever you are giving permission 'Allow' to applications during installation in your mobile."



As a Cyber volunteer, I have analyzed some case studies of these kinds of frauds.
Let me share one case study with you !!

One person was getting messages continuously in his mobile regarding OTP ( One Time Password). These OTPs automatically shared with someone else by any third-party application installed on his mobile. That someone else can be considered as cybercriminal in this case. And suddenly, money gets debited from his account, and after 7-8 transaction messages, his account statement was empty.

Here are some messages received by the victim.
  • The secret OTP for online purchase is 222343 on card ending XXXX. Valid till HH:MM:SS. Do not share OTP for security reason.
  • Rs. 9999 is Debited to A/c...XXXX on dd-mm-yy HH:MM:SS( Avlbl Bal Rs XXXXX) At POST TID-XXXXXXXXXX,ref-XXXXXXXXXXXX. TollFree XXXXXXXXXXX(24X7).
  • The secret OTP for online purchase is 110109 on card ending XXXX. Valid till HH:MM:SS. Do not share OTP for security reason.
  • Rs. 999 is Debited to A/c...XXXX on dd-mm-yy HH:MM:SS( Avlbl Bal Rs XXXXX) At POST TID-XXXXXXXXXX,ref-XXXXXXXXXXXX. TollFree XXXXXXXXXXX(24X7).

Now the question is, how this happens?


What kind of mistake is done by the victim?


There was one third party payment application in the victim's mobile, and during installation, he gave a text message read permission 'allow.'

We can get a refund within 24 hours in the past years, but cybercriminals became very active nowadays. They use smart ideas such as asking for the wallet to wallet transfer from the victim and then immediately transfer money in bank accounts. It is hard to reach them. Almost all cybercriminals use holidays to execute this kind of online fraud. Because during holidays, banks are closed, and sometimes we can not contact banks by helpline numbers. And your one mistake can spoil your holidays.


" There are several ways by which cybercriminals can reach you. In technical terms, its called 'Social Engineering.'
  1. By Text
  2. By Phone-Calls
  3. By E-mail

Whenever you receive such suspicious calls or messages or e-mails, don't trust these kinds of stuff.

What steps should be taken when bank fraud occur?

  1. Contact cyber cell nearest you or Local crime branch and register a complaint.
  2. The victim should go to the bank and fill up the dispute form within three days. It is very important.

Here I am sharing some useful and essential information.

  1. If any credit card related fraud occurs and you have insurance, there are 100% refund chances.
  2. If you have used net banking or any bank to bank transactions happen in which bank on both the side is same, then the transaction can be stopped by the authorities, and money can be refunded.
  3. In some cases, mistake is made by the bank. Sometime it happens that you are not sharing OTP; still, money is debited from your account; in this case, customers should go to the bank and fill up a dispute form within three days.
  4. When any debit card fraud occurs, there are minimal chances of refund money. So be careful before entering your debit card details on the internet.
  5. When a customer shares any OTP to any fraudster, it is not the bank's responsibility, so we can not blame bank.
Labels:

Comments

  1. Bharuch Cyber cell11 September 2020 at 18:01

    Good information

    ReplyDelete
  2. Aman Dobariya12 September 2020 at 09:00

    Very nicely explained and very useful for common people who don't know about such information

    ReplyDelete
  3. thejadeja12 September 2020 at 10:16

    Great information. Very useful in these times where cybercrime is the prime way for fraud activities.

    ReplyDelete

Post a Comment

Please do not enter any spam link here.

Popular posts from this blog

How to Pass CompTIA Security+ SY0-701 in 2 Months (839 Score Breakdown + Resources)

How I Scored 839/900 on CompTIA Security+ SY0-701 — 2-Month Prep Strategy That Actually Worked Score: 839/900  |  Exam: CompTIA Security+ SY0-701  |  Prep Time: 2 Months  |  Total Questions: 76 (including 3 PBQs) I'm not going to sugarcoat it — CompTIA Security+ is not easy, but it is very passable with the right strategy. I cleared it with an 839 out of 900, and in this post I'll share exactly how I did it, domain by domain, so you can replicate the approach without wasting time. My 2-Month Study Plan Month 1 — Domain-by-domain study: Read, take notes, and build comparison tables and mnemonics for tricky concepts. Month 2 — Heavy practice testing: Full focus on practice tests and PBQ simulations. Time management drills every session. The biggest mistake people make is spending 90% of their time reading and only 10% practicing. I flipped that in month 2 — and it made all the difference. Domain 1 — General Security Concepts What to focu...
Post a Comment
Read more

Every SOC Analyst Must Know These Windows Event IDs — Here's Why

Imagine you are the security guard of a massive office building. Every time someone enters, leaves, opens a cabinet, or tries to break in — it gets recorded in a logbook. Now imagine if that logbook could automatically tell you when something suspicious happened. That is exactly what Windows Event Logs are — the logbook of your Windows system, and for a SOC analyst, it is the single most important source of truth. In this blog, we will break down Windows Event Logs from scratch — what they are, how to read them, how to query them like a pro using PowerShell, and most importantly, which Event IDs you must memorize for your SOC analyst interview. Let's dive in. 1. What Are Windows Event Logs? Windows Event Logs are records that Windows automatically creates whenever something significant happens on the system — a user logs in, a service crashes, a file is accessed, an audit policy changes, a script runs. Think...
Post a Comment
Read more

Email Security Deep Dive: 13 Steps to Keep Your Emails Safe

Email Security Checklist The Email Security Checklist 1. Enable SPF (Sender Policy Framework) What it is: SPF is like a guest list for your email domain. It tells the world that only specific servers are allowed to send email for your domain. How it works: Publish an SPF record in DNS. When someone receives an email claiming to be from your domain, their mail server checks if the sending IP is listed in the SPF record. If the IP is not listed, the email is rejected or marked as spam. Example SPF record: v=spf1 ip4:203.0.113.0/24 include:_spf.google.com -all Only servers in the specified IP range and Google’s mail servers can send emails for this domain. Others are rejected. Points to Note: Prevents attackers from spoofing your domain and sending phishing or spam emails. 2. Enable DKIM (DomainKeys Identified Mail) What it is: DKIM is a digital signature for each email, ensuring that the message hasn’t been tampered with. Ho...
Post a Comment
Read more

Deep Dive into Cybersecurity: Security+ Level Knowledge Without the Certificate

📚 My Cybersecurity Learning Journey Key Topics from a 17-Hour Security+ Course 🔹 CIA Triad Explained Confidentiality: Ensuring that sensitive data is only accessed by authorized users. This is often achieved using encryption and access controls. Integrity: Ensuring data is accurate and untampered. Techniques like hashing, checksums, and digital signatures help validate that data hasn't been altered. Availability: Making sure systems and data are accessible when needed. Achieved through backups, redundancy, load balancing, and fault-tolerant design. 🔹 Types of Threats Malware: Includes viruses, ransomware, worms, and trojans that compromise devices or networks. Social Engineering: Manipulating users into giving up confidential info. Example: Phishing emails. Insider Threats: Employees or contractors misusing access, accidentally or intentionally. Advanced Persistent Threats (APTs): Long-term targeted attacks, often by well-funded threat actors. Zero...
Post a Comment
Read more

Job Scams / Telegram Scams in India

Awareness is necessity Job scams and telegram scams have become a rampant issue in India, with many unsuspecting individuals falling victim to these fraudulent activities. These scams not only cause financial loss but also result in emotional distress and a loss of trust in online platforms. In this blog, we will discuss the ongoing job scam and telegram scam in India, and provide some tips on how to identify and avoid falling prey to these scams. The job scam in India has been on the rise, with scammers posing as recruiters or employers offering lucrative job opportunities. These scammers often target job seekers who are desperate for employment and are willing to take any opportunity that comes their way. They use fake job postings, promising high salaries and attractive benefits to lure in their victims. Once the victim is hooked, they are asked to pay a fee for processing their application or for other reasons. In reality, there is no job, and the victim en...
2 comments
Read more