The continuous improvement in the ease of doing financial transactions has induced an upsurge in retail payments in the country over the past few years. Unfortunately, the number of frauds in retail financial transactions has shot up too and poses a threat to businesses, consumers and various other stakeholders. Fraudsters have resorted to innovative methods to swindle common and gullible persons, especially senior citizens and new entrants not completely familiar with the techno-financial eco-system.
Recently, the RBI Ombudsman has meticulously compiled and highlighted the various types of frauds we could potentially face while carrying out financial transactions. You must particularly watch out for fraudulent activities such as Phishing, Vishing Calls, malicious mobile apps/links, unsolicited remote access, ATM card skimming, SIM cloning, juice jacking, fake contact details, social media impersonations, bogus QR codes, online lotteries and card frauds among others. While being aware of the modus operandi of fraudsters is vital, you need to take several precautions and practise due diligence while performing financial transactions.
Some popular types of payment frauds
Fraudsters create links to third party websites which are almost identical to genuine bank or e-commerce websites and are shared through SMS, social media, and emails. The customer unsuspectingly provides his confidential information and gets swindled.
Scammers make fraudulent calls pretending to be bankers, government officials, etc. and request the customer to enter their secure credentials citing an emergency. They create false scenarios and provide few details such as name or date of birth that lure customers into sharing their confidential data.
Merchants get duped by fake buyers on online selling platforms who express interest in their product. Instead of making payment, these fake buyers avail the "request money" option of the UPI app and ask for request approval to steal funds.
Fraudsters can get full access to your mobile device once you download an unverified mobile app. These malicious application links are generally shared via SMS, email or on social media.
In this type of fraud, the scammer creates a fake profile on social media platforms such as Facebook, Twitter, etc. appearing as a friend and then deceitfully asks for monetary favors or help from other users.
A customer can sometimes stumble upon fake contact details through search engine results. They might then contact the imposters assuming them to be genuine contact persons and share sensitive payment data, which puts them at a great risk of theft.
App / Remote Access
Customers are deceived into sharing their device screens with a fraudulent party, thereby granting them access to confidential data.
Customers can be tricked into scanning fake QR codes set up by swindlers, resulting in fraudulent financial transactions.
Charging of mobile phones through unidentified charging ports can lead to unsolicited installation of malware apps or software, which can provide scammers with full access to the customer's confidential data.
Fraudsters impersonating as NBFCs send alluring SMSes to customers offering attractive loans or enhanced credit limits requesting a call back. The customer is then requested to fill up an online form and share OTP or PIN details to submit the forms leading to a compromise of data.
Various lending apps offering instant loans or easy repayment options catch the interest of customers who are in urgent need of funds. The fraudsters then dupe them into paying various upfront charges such as processing fee, intercity charges, advance EMI, taxes, etc., and abscond without disbursing the loans.
In this scenario, the customer makes such false claims like the ordered product was not received, or he has been erroneously charged twice for the same transaction, etc. and tries to fraudulently get back the payment made for the purchase.
This type of fraud usually occurs when the card belonging to the customer has been stolen and misused by the thief, or his account has been hacked. When technology is used to cover up or manipulate transaction information so as to avoid detection of the crime, it is known as 'Clean Fraud'.
Under the camouflage of running a genuine business, fraudsters sometimes create merchant accounts and offer products through their own websites. They then misuse the card data of thousands of customers and withdraw money before they can even be traced or the amount could be reversed.
General Precautions
- Avoid downloading suspicious apps or software especially those originating from unverified sources
- Do not click links that are shared by unknown parties.
- Beware of unusually fast shipping promises as these are common signs of imposters acting as fake merchants.
- Never share confidential data or sensitive information with unidentified callers or in response to suspicious mailer requests.
- Refrain from sharing screens with unknown people at all times.
- Be wary of contact details found through search engines as they can be set up by fraudsters.
- Be extra careful while scanning QR codes using payment apps.
- Verify the genuineness of any kind of fund request sent in by friends or relatives, through phone or social media platforms.
- Strictly avoid charging your mobile device through charging ports at unfamiliar locations.
- Be cautious while applying for online loans offered by lending apps, particularly those of a dubious nature.
Precautions for Online Businesses
- Closely monitor new users on your website as they could be fraudsters using fake aliases.
- Keep a tab on large quantity orders of the same product since they could be fraudulent.
- Verify the authenticity of Cash-on-delivery orders as they are often misused to commit frauds.
- Check the validity of the addresses filled in by customers on your site since incomplete or suspicious addresses are used surreptitiously to cancel the orders later on and request for refund.
- Compare the shipping address with the billing address as in many cases fraudsters use separate addresses for billing and shipping.
- Track whether several cards are used from the same IP address as this could indicate the activities of a swindler.
How CCAvenue secures online transactions
As a leading Fintech company that offers complete online payment solutions, we understand the gravity of online payment security. At CCAvenue, we go all-out to provide the maximum level of security and ensure that every transaction that is done via our payment gateway is a secure one. We safeguard the interest of both the online businesses who avail our services, as well as their consumers transacting online. CCAvenue has implemented various security protocols and best practices, including PCI-DSS 3.2.1 compliance, TLS encryption, two-factor Authentication (2FA) and fraud prevention methods such as Velocity Checks and Blacklist Controls.
With a combination of best practices, leading technology and human intelligence, the CCAvenue F.R.I.S.K. engine provides an unprecedented level of risk detection and helps assess each transaction against a negative database collected over a decade and is verified by our dedicated risk management team for over 150 variables like high risk global IP address verification, BIN number mapping, etc.
Over time, techniques used by fraudsters have been rapidly evolving. Hence, it becomes essential to keep ourselves constantly updated on the modus operandi of fraudsters, as well as the precautions to be adopted while carrying out financial transactions.
CCAvenue is an end-to-end PCI-DSS Compliant payment-processing solution provider, catering to nearly 3 million merchants across all payments businesses. With its path-breaking technology in the Fintech space, CCAvenue is committed to redefine user experience, improve transaction success rates and increase the earning potential of web merchants exponentially.
Our comprehensive platform offers business enhancement tools that provide unparalleled product differentiation and are meticulously designed to expand the customer reach of our web merchants, taking their online businesses to the next level.
INFIBEAM AVENUES. All Rights Reserved.
