Trust & Safety
Types of Payment Frauds & Best Practices to Stay Safe
Types of Payment Frauds & Best Practices to Stay Safe
The proliferation of digital payment modes has made life really easy. The ability to use payment apps to send money, pay all your bills, recharge, shop online and also make instant payments at your local kirana store has made the dependence on cash non-existent.
While digital payment modes have been a big boon, fraudsters are constantly looking at new ways to con you into doing spurious transactions.
Read on to know more about fraud prevention initiatives at PhonePe, types of fraud and how you can stay safe.
Fraud Prevention Initiatives at PhonePe
At PhonePe we are constantly working on making your transaction experience highly secure and safe. We use a mix of cutting-edge technology and strong risk and fraud processes to keep fraudsters at bay.
PhonePe Account & Transaction Security: To keep the platform safe and secure, we validate all accounts and transactions resulting from an account. These validations are done at various stages. As soon as new users register on PhonePe, their phone number is validated via an OTP, there is also an MPIN / Password setup for all UPI transactions, and any login from a new device is validated through an OTP verification.
We also block high risk transactions with suspicious attributes and indicators from accessing the platform.
Risk Investigations: Our risk investigations team handles fraud incidents reported via various channels and provides assistance to customers, vendors, partners and external agencies. This team also acts as a definitive line of defense against fraudsters by intercepting fraudulent transactions.
Tech Capabilities to Prevent Fraud: We obtain real-time signals like IP, location coordinates etc. to ensure that all fraudulent transaction details are accounted for. We also look at historical information such as user activity, device and instrument to flag off suspicious users.
Partnerships with Law Enforcement Agencies: We collaborate with cyber-crime cells of various law enforcement agencies throughout the country. We help them by providing relevant information on receiving fraud complaints, intercepting these transactions and blocking fraudulent users from accessing the PhonePe platform. We also maintain a negative database of all identified fraudulent users.
Do’s & Don’ts to Prevent Fraud:
- Do not share confidential details like card number, expiry date, PIN, OTP etc. with anyone. If you are asked for such details by anyone posing as a PhonePe representative, please ask them to send you an email. Only respond to emails from @phonepe.com domain.
- Always remember you do not have to ‘Pay’ or enter your UPI pin to receive money on PhonePe.
- Do not download and install third-party apps such as Screenshare, Anydesk, Teamviewer.
- Do not search for PhonePe customer support numbers on Google, Twitter, FB etc. The ONLY official way to reach PhonePe customer support is https://phonepe.com/en/contact_us.html
- Connect with us only on our official accounts across various social media platforms.
Twitter handles: https://twitter.com/PhonePe_
Facebook account: https://www.facebook.com/OfficialPhonePe/
- Never call/respond to unverified mobile numbers claiming to be PhonePe Support.
What should you do when contacted by a Fraudster?
- Immediately report the incident to your nearest cyber crime center and lodge an FIR providing relevant details (Phone number, transaction details, card number, bank account etc.) to the police.
- Login to your PhonePe app and go to ‘Help’. You can report the fraud incident under ‘Account security issue/ Report fraudulent activity’.
Here’s a snapshot of various types of frauds:
Request Money Fraud : The ‘Request’ feature allows people to send you a payment request. You can send money to another user by just clicking on the ‘Pay’ button and entering your UPI PIN. Fraudsters misuse this feature by sending fake payment requests with messages like ‘Enter your UPI PIN to receive money, “Payment successful receive Rs. xxx” etc.
Read more about the request money fraud here.
Scan QR code to receive money fraud: Fraudsters share a QR code over multimedia apps like Whatsapp and asking you to scan this code in order to receive money. Remember, there is no feature which allows you to scan a QR code to receive money. Please do not act upon such requests and also report the the sender’s number and other details.
Payment Fraud via Third Party Apps: Users often use social media channels to highlight problems they are facing with a transaction. Fraudsters call users or approach them through social media pretending to be company representatives. They ask users to download screen-sharing apps such as Screenshare, Anydesk, Teamviewer and hold their debit/credit card in front of the phone camera so that the “PhonePe verification system” can scan the details. Once they have the card details, they obtain the OTP SMS from the phone for transferring funds to their own account.
Read more about payments fraud via third party apps here.
Twitter Fraud: Fraudsters keep track of what users are posting on the original PhonePe customer care handle (tweets about issues related to availing cashback, money transfers etc.) and react immediately. One popular way they trick users is by tweeting fake customer care numbers as PhonePe helpline numbers. Customers end up calling the fake helpline number and sharing sensitive information such as card and OTP details.
Read more about Twitter frauds here.
Debit/Credit Card or Top-Up Fraud: In such scenarios, fraudsters call you claiming to be representatives of your bank, the RBI, an e-commerce site, or even a lottery scheme. They may ask you to share your 16 digit card number and CVV, and you receive an SMS with an OTP. The fraudsters call you back and asks for this OTP for verification purposes. Once you share the details, the fraudster’s wallet gets topped up with money from your account.
Read more about top-up frauds here.
Social Engineering Fraud: Social engineering is when fraudsters use your personal details to trick you into trusting them. The fraudsters call you claiming to be customer support representatives from your bank. They use details you have shared on social media (birth date, location etc.) to gain your trust and ask you to share sensitive bank account/card information. They then ask you to provide the OTP to complete the transaction and top up their wallet using your Debit Card.
Read more about social engineering frauds here.
SIM Swap Fraud: A SIM swap scam is where fraudsters get a new SIM issued for your phone number using your personal details. By doing this, they also gain access to OTPs needed for authorizing payments from your bank account. The fraudster can call you pretending to be a representative from your mobile operator, and ask you to forward an SMS to upgrade your network. This SMS contains a 20 digit number from the back of a new SIM. This SMS deactivates your current SIM and activates a duplicate SIM.
Read more about the SIM Swap fraud here.