We all get One Time Password (OTP) and other confidential bank information on the mobile numbers linked to our bank accounts. Banks and other financial institutions as well as e-wallet companies regularly warn customers not to share these mobile OTPs with others, not to disclose personal details with anyone on the pretext of mobile. key And to keep the mobile number updated with the banks for SMS alerts of all transactions.
Customers need to be on constant alert as fraudsters keep developing new tools and techniques to dupe innocent civilians. There’s an addition to the list SMS Spoofing. It is a technique in which the sender’s information is converted into SMS text. It allows one to send SMS as the other’s identity. In simple words, an SMS spoof is one where the sender’s name and mobile number are changed to pretend to be someone they are not.
In our case i.e. in banking, the sender id is usually changed to make the SMS appear valid and genuine from the bank.
How SMS Spoofing Works
The fraudster will send you an SMS and ask you to forward it to a specific number from your registered bank mobile number. Once you forward the SMS, the scammer is able to link/register your mobile number with UPI on your smartphone.
If needed, he can call you later to ask for account related details like Debit Card Number, ATM Card PIN, Debit Card Expiry Date and OTP. Obtaining these credentials allows him to generate a Mobile Banking Personal Identification Number or MPIN for your account registered on his device. This MPIN will later be used to authenticate the transaction from the bank account.
In some cases, the scamster may send a ‘collect request’ to your UPI ID and ask you to accept the request. This is usually done on the pretext of giving a refund. Falling for the bait, authenticating the transaction, can end in losing money.
.