“These scammers do not rely much on technical ways such as hacking to defraud people,” said Manish Agarwal, Head – Risk Intelligence and Control, HDFC Bank.

“In fact, most of the frauds now happen through social engineering. The fraudsters are well aware of current affairs, regulations, etc. and use them as their theme to target customers,” Agarwal told Business Standard in an interaction.

According to Agarwal, fraudsters are generally concentrated in geographies around the metros and urban centers. This is primarily because law enforcement agencies’ reach is strong in metro centers.

Social engineering is the preferred modus operandi of the fraudsters, as their scripts are generally themed around greed, help, threat and commerce.

They lure the customer with a lottery (greed); promise to help the customer to redeem card points; warn the customer to update KYC else the account will be deactivated (threat). There are also instances when the customer initiates a transaction (commerce) by ordering online from an unverified site (liquor for instance) and thereby falling prey to fraudsters.

“65%-70% of cyber frauds happen between 7 am and 7 pm since fraudsters want to gain the trust of their victims. Calling during working hours make their offers appear more convincing and customers often fall prey to them as the calls appear legitimate,” Agarwal said while explaining the rationale behind the timing.

Another interesting point revealed by the analysis is that as many as 80-85% of the affected customers are in the age group 22-50, who supposedly belonged to the more tech savvy age bracket.

“While, technically, almost 80-90% of frauds happen due to customer negligence, many times customers get defrauded even without sharing confidential information,” Agarwal said.

Fraudsters, on the pretext of helping their targets, are now making victims download certain genuine applications (app) and gaining access to their phones. Hence, without even asking their targets, fraudsters are gaining access to confidential information through these legitimate apps.

“For instance, there are genuine apps which are used by IT professionals to service their customers in different locations. Through these apps, they take control of their customers’ laptops/phones in order to mend and resolve issues,” Agarwal added.

Apart from asking customers not to share OTP, PIN and other confidential information, HDFC Bank is also asking them not to click any unknown links and make payments on unrecognised e-commerce platforms.

The home ministry has operationalized a centralised helpline number, 155260, and a reporting platform where victims can report incidents of cyber fraud. The helpline is manned by respective state police and reported incidents are handled through the Citizen Financial Cyber Fraud Reporting and Management System, which is integrated with law enforcement agencies, banks, and financial institutions.

Agarwal said HDFC Bank is asking customers not to click any unknown links and make payments on unrecognised e-commerce platforms.

“Customers are also being made aware that if someone is promising to send money, it does not require them to share any type of authorisation or PIN authentication,” Agarwal added.

Do share your thoughts via comments.