What appears obvious to a rational mind may not be too obvious all the time. Intuitively, we all know that making a payments via UPI calls for scanning a QR code, but some scamsters manage to convince their gullible victims that this method can be deployed to receive the money too.
What can leave you dumbfounded is that they succeed in their nefarious acts more often than not.
Sample this. Early this year, Delhi’s chief minister Arvind Kejriwal’s daughter Harshita became a victim of online scam. She tried to sell an old sofa set at online second-hand marketplace but was, instead, duped of ₹34,000.
And she is not alone. Several such cases have come to the fore of late.
Another victim of online fraud shared his story on Mumbai's reddit community.
This Mumbaikar wrote that he wanted to sell his furniture on an online marketplace. After seeing the advert, one potential 'buyer' called him and asked him to scan the QR code.
Despite being reluctant initially, he got convinced after he was affirmatively told that it was the only way to sell the furniture online.
Being a novice in online selling, he scanned the QR code with an intent to receive the money, but lost ₹5,000 instead. Much to his surprise, the scamster had the audacity to tell him to scan another QR code to receive the money which was sent inadvertently.
But he did not fall into his trap again, and instead went to a police station to file a criminal complaint. What he saw there spooked him. He realised that such scams were happening on a daily basis. Someone claimed to have lost ₹75K, while another person lost ₹14,000, so on and so forth.
The lesson one must learn from these not-so-inspiring anecdotes is that no matter how tempting the offer is, you should never ever scan the QR code in order to ‘receive’ the payment.
Aside from the QR code fraud, there are a number of ways wherein online scams are being carried out wherein innocent victims are fleeced of their hard-earned money.
We list out some of these here along with the useful tips:
A. Giving remote access: By downloading an unverified app, one can give remote access to their device. This can be misused by fraudsters to steal money through UPI.
B. Phishing scams: Some unauthorised payment links are sent via SMS. The link, when clicked, takes you to the UPI payment app on your phone. This would prompt you to select any of the apps for auto debit. After giving the permission, the amount would instantly get deducted from your account.
C. Sharing OTP & PIN: It is an oft-repeated warning by RBI that customers must not share their UPI PIN or OTP with anyone. Regardless of this, some fraudsters manage to convince the customers to share the OTP received on their phone. After it is shared, the fraudsters can authenticate illegitimate transaction and steal the money.
D. Deceptive handles: Some smart hackers use names like BHIM or SBI on their UPI social page to give an impression that it’s a credible UPI platform. So, UPI users must be careful about these tactics.
According to an RBI report, the frauds related only to debit cards or internet related channel jumped from 1,866 in fiscal 2019 to 2,545 in fiscal 2021 amounting to ₹119 crore.
To prevent yourself from an online fraud, customers must proactively call up the bank and get the UPI service or debit card blocked.
In case a fraud takes place, you can get the money back. As per the RBI’s notification in July 2017, a customer can get the entire money back if the fraud takes place due to a negligence or deficiency on the part of the bank or even if it’s a third-party breach provided the aggrieved customer notifies the bank within three working days of such a fraud.