PayTM KYC Frauds
In these frauds, the unsuspecting victim gets one of those messages that are sent in bulk to unspecified targets by the
fraudsters. These messages come from a message ID that looks deceptively similar to PayTM and the gist of the message is that the recipient
needs to get the KYC done for his or her PayTM account otherwise the account would be blocked. The fraudsters mention a mobile number that
the recipient needs to call in order to get the KYC done.
When the recipient calls on the given number, the fraudster pretends to be someone working for PayTM and asks the caller
(the unsuspecting victim) to install a remote viewing Application such as Anydesk or Quick Support App. He, then, induces the victim to share
the Anydesk (or other similar App) ID. After convincing the victim that it is an important step in the verification process, the fraudster,
using the Anydesk App installed on his mobile, takes the remote access of the mobile phone of the victim by urging him to accept the remote
access attempt. After that, the fraudster gets access to the bank account and e-wallets of the victim and illegally transfers as much money
as he can to his own accounts or to that of his associates. In these frauds, the victims end up losing up-to several lakhs of Rupees. It must
be noted that while all this goes on, the fraudster does not let the victim hang up the phone lest he/she should see the bank messages
regarding the unauthorized transactions that are being done by the former. Once the fraud is complete, the swindler cuts the connection.
By the time victim realizes what has happened, they end up losing a lot of money; sometimes even their life savings.
There are other variants of the fraud. Thus, fraudsters pretend to be Customer Care executives of a company in whose
services the victim has shown interest, either through online search or through portals such as JustDial. To provide the online service,
they ask the victim to download the remote viewing App and also make a small, token payment (Rs.1/2/5). While the victim makes payment,
they capture the card credentials and using the remote access to victim’s phone, make multiple, unauthorized UPI transactions.
1. Always treat unsolicited callers/emails/SMSes with suspicion.
2. Never share credit/debit card details with anyone claiming to be bank official or customer care executive.
3. Never enter card details in online form sent by the caller. Your credentials might be stolen.
4. Do not download remote access Apps as fraudster will get access to all your messages and emails.
5. Never click on links in Phishing messages/emails appearing to come from government organizations,
officials, banks, etc. They install malware/ spyware on your device.
6. Be cautious while scanning a QR code sent for receiving payment. You may lose money from your account.
7. Be careful of fake customer care number appearing in web search. Use two-factor authentication
(Password + OTP) for all online accounts.