Know your customer (KYC) is a process of verifying the identify of a person and customer. According to the Reserve Bank of India every individual who are using digital wallet i.e. PayTM, google Pay, BHIM, JioMoney etc. must have to go through the process of KYC. KYC has been introduced to fight against financial crime, money laundering, banks must make sure that their clients are genuinely who they claim to be. At the same time KYC has become a platform for cyber criminals to steal sensitive information from customer. Cyber Criminals impersonate themself as a representative from certain service provider and force innocent victims to reveal their bank and personal details.
Cartoon Contributed by:
How KYC works:
As per the news reported in various media houses 6 people duped of over ₹ 5 lakh in Maharashtra recently. In another incident, an 84-year-old man from Pune was cheated of Rs 17 lakh by a fraudster after collecting his user I'd and password, on the pretext of verifying his KYC Details.
When most of the citizens have moved from cash to online payment mode, the fraudsters started looking for various tactics to deceive them.
How Fraudsters Deceive:
One of the recent tactics is Vishing – Voice Phishing. In this tactic, the fraudster poses as an employee of the Payment Wallet (eg, PayTM) or credit/debit card issuing bank.He calls up the target that the card will be blocked since the KYC (Know Your Client) formalities are not complete or a renewal is due. Few of the messages that he gives are – “Your Paytm KYC has expired and needs to be renewed” or “If KYC not completed, your account will be blocked in 24 hours”.
The moment the caller says that the account or card will be blocked, the victim panics. The fraudster then offers to help him as he is the employee of the company.
At this point he tends to establish the trust by saying that he would not ask for any OTP as other scamsters do. Then he asks the target to install an application so that he can assist on phone without asking any password or account detail or OTP. THIS IS THE TRAP.
As soon as this App is installed on the device, he gets remote access of victim’s machine and the caller can see the phone screen.
To establish trust further, he would ask the victim to transfer a small amount like Rs 2/- or Rs 10/-. This being very small amount, victims feel comfortable and don’t doubt on the intention of the fraudster.
But actually, when the victim transfers that amount the password or PIN typed is visible to the fraudster.
Now he can initiate the transfer of large amount and the OTP sent by the bank and in a matter of minutes, the scamster cleans out the bank account.