Kasaragod, May 14, 2022: A teacher lost approximately Rs 1.22 lakh from her bank account after sharing her banking information, including the one-time password (OTP), with cybercriminals posing as customer service representatives.
According to Kasaragod Cyber Crime Inspector Anoob Kumar E, the money was stolen from the State Bank of India’s Nileshwar branch in Kasaragod district and moved to an ICICI Bank in Kolkata.
It was also revealed that the fraud was elaborate and lasted several days, and the scam artists sounded convincing enough for the teacher to share her OTP with them not once, but thrice.
According to the FIR filed with the Cyber Crime Police Station, the recipient received an SMS from the State Bank of India in the first week of May requesting that she update her KYC (Know Your Customer) documents, failing which her bank account will be terminated. The SMS was signed off as ‘Team SBI’ and included a phone number.
This started on May 4, as the teacher was aware of the KYC and dialled the “customer care number” given in the SMS.
Then the so-called executive took down her information. She gave her bank account number, the branch’s IFSC, her 16-digit debit card number, the card verification value (CVV), which is a three-digit number on the back of the debit card, and the ATM PIN, according to the FIR.
The scammer kept the teacher on hold for a while before requesting that the OTP be given to her phone and she shared it with the person on the phone. Later, the fraudster informed her that the server was down and that the KYC could not be updated.
So the teacher was told that she would be contacted the following day.
The next day, the ‘customer care executive’ called the teacher again, this time requesting the same information as before, as well as the OTP. The executive requested the OTP again after about three minutes and she mentioned the number twice.
But then she received two text messages on her phone stating that her account has been debited for Rs 99,899 and Rs 22,011.
According to the Cyber Crime inspector, “We believe they used the OTP to add a fund transfer beneficiary to her account and stole the money the next day.”
He claimed that in November last year, fraudsters used the same method to steal Rs 7 lakh from the bank accounts of a married couple in Rajapuram, Kerala.
However, in this latest case, after the officers traced the money to ICICI Bank in Kolkata, the inspector said that the scam artists would have provided their KYC to open the account, but they would almost certainly have provided bogus ID and proof of address.
However, the bank will have their photographs, as the banking regulator, the Reserve Bank of India, has made it mandatory for all customers to share their most recent photograph, identity card and address proof with their bank, to prevent financial fraud.