Users of digital payments platforms will have to be extra vigilant as hundreds of Paytm customers have complained of fraud by 'Paytm employees', reports suggest. As the issue gained traction, Paytm Founder Vijay Shekhar Sharma took to Twitter to caution and assure users.He (
@vijayshekhar) tweeted on November 19 cautioning users about fraudsters' attempts on their accounts. He stated that some SMS were doing the rounds with some lucky draw and asked users not to fall for it.
Modus operandi The fraudsters target customers by asking them to download a mobile or desktop app to facilitate the Know-Your-Customer (KYC) process, through which they gain access to the victim’s PIN. They then proceed to empty out the linked bank account in multiple successive transactions, the Economic Times reports. Applications used in the scam include AnyDesk, QuickSupport and TeamViewer, the report added.
Moneycontrol could not independently verify the report.
Extent of the problem
While the extent of damage is not known, the company had in a statement said the problem was 'widespread'. Several complaints were registered with Paytm and the Reserve Bank of India (RBI) over the past three months, citing the same modus operandi.
In fact, Finance Minister Nirmala Sitharaman told Rajya Sabha that the central bank had registered 2,000 such complaints since July. Only 723 (36 percent) of these were resolved, with the rest yet pending, she added. How many of the cases were specific to Paytm was unclear.
The article quotes Satish Kumar Gupta, MD, Paytm Payments Bank, as saying that the company is in 'constant touch' with the police and encouraged customers to report such incidents so that 'concrete action' could be taken. He added that customers would be kept informed via their blog, app and social media.
Similar instances in the past
Earlier this year, HDFC Bank, Axis Bank and RBI has issued advisories against downloading remote applications such as AnyDesk, QuickSupport and TeamViewer for transactions or processes, especially when interacting over the phone.
While the applications/tools themselves are not malware, they provide remote access to devices, which allows fraudsters to misuse them if the victims have not secured their home or office computers.
Steps to ensure you do not fall prey
Digital frauds have been quite rampant as more people migrate to digital payment platforms: UPI or BHIM. Customers have to be extra vigilant to ensure they are not playing into the scam, which is designed to seem like legitimate transactions.
For example, before downloading an app, first check with the bank or payments platform if they have an app and what the app is called.
Second, beware of apps requiring you to fill in the bank, Aadhaar and mobile details, especially BHIM, which does not require these details.
Third, be extremely wary of SMS of WhatsApp prompts for KYC, Aadhaar details, PIN or OTP details.