Theft comes in different forms, and attacks from unknown and surprising ways. OTP theft has become the newest form of theft that has been making the rounds. With people and banks going mobile, thanks to the smartphone age, thieves are not slowing down and are keeping up to pace. Recently a case had been reported in Bengaluru of a fraudulent caller, asking for an OTP to update Credit and Debit card statements. There have been many reported cases of large amounts of money being scammed out, but no arrests have been made yet. While fraudsters have found their ways in Bengaluru, cases of OTP theft encompasses a much bigger boundary, and cases have been coming in from places like Mumbai, Jharkhand, and Kozhikode as well.
While many of us assume that OTP theft happens because of irresponsible customer behavior, many others like first-time online banking users, senior citizens, among others fall prey to such cases. Kerala reported at least 10 people's OTPs being stolen from unknown callers in the state, and Mumbai reported of a woman who shared her OTP 28 times, which helped the perpetrator swindle her of nearly Rs 7 lakh.
OTPs have been something the people of the digital age use on a daily bases, be it for Banking transactions, online orders, bill payments etc. So how can you be a user of the OTP while not falling prey to its fraudsters.
How do they do it?
There are two basic ways an OTP can be retrieved one is through an actual fraudster calling with the pretense of being an employee of the bank you have an account in. They promise to speed up a process you have been waiting to do, ask for your card details, the CVV and lastly the OTP. once all the information is in their hands, emptying your bank balance into theirs is a matter of minutes. Another way it is done is when your phone is being compromised with malware. At these times, people have direct access to all your messages and calls and an unauthorized transaction can be made using your credentials.
What can you do?
One should always remember that no bank will ever ask them to verbally state out their card number, CVV or the OTP. Reading this out could divert your transactions to the fraud account.
In case a booking is being made on call, see that you are asked to type in your details and not say it out loud.
If you receive SMSes from unknown numbers, that don’t look like the regular and contains an encrypted message or link, don’t be tempted to click on them. The claim on the link might sound interesting but it will be used to compromise your phone and messages will start to get diverted to the wrong hands.