Fraudulent activities regarding banking have been on a rise since several modern communication platforms have become synonymous with the masses. While emails are still the primary way to undertake fraud practices and encroach upon an innocent person’s privacy, the modern digital age has only given more options to scamsters for carrying malicious practices. Of late, several State Bank of India (SBI) customers are facing a new OTP-based scam on WhatsApp.
SBI in one of its latest posts on Twitter talks about a new scam on WhatsApp that could concern its customers. The scam involves a message that educates the consumer about One-Time Passwords (OTP). A link is also shared in the same message that leads to downloading a malicious app and installing it on the user’s phone. The WhatsApp message also asks the person to share all the bank credentials that are necessary to carry a transaction. The app secretly works in the background to forward all OTP messages to the scamster’s phone. Whenever the scamster wants to carry a transaction, all the bank details, as well as redirected OTP messages, will help the fraudster conduct a successful transaction.
“The bank is aware of certain messages being circulated /forwarded via WhatsApp and Social media, to the effect that our esteemed customers are getting messages advising about an OTP (One Time Password) in respect of a transaction (normally low value) not purported to have been originated by the miscreant,” states the post.
While sharing the OTP with someone on WhatsApp or any platform may put the user’s bank account at risk, SBI suggests that nobody can get access to the account due to the Two Factor Authentication system. “We would like to reassure our customers that nobody can access your account without successful validation of 2FA (Two Factor Authentication),” says SBI.
To protect its customers from the fraudulent activity, SBI is widely advising its customers not to share any information regarding their bank account to anyone through WhatsApp, SMS or emails. “As a note of caution, we again request our customers not to share their card, account, bank credentials or OTP at any cost with any individual,” says SBI on Twitter.
Neither SBI nor any other bank asks for a person’s banking credentials on emails or messages. The only time a person requires to share credentials is while carrying a transaction at the ATM or an online transaction. Even when the bank sends an OTP for verification, the messages warn customers not to share the OTP with anyone else……Read More>>