
What is a Customer Awareness program in banks?

Bank customers in India are being targeted by fraudsters using a new type of mobile banking malware called the SOVA Android Trojan. Once installed, this malware captures credentials when users log into their net banking apps and access their bank accounts, and it is impossible to uninstall. Once the fake Android application is installed on the phone, it sends the list of all applications installed on the device to the C2 (command-and-control) server controlled by the threat actor to get a list of targeted applications. At the same time, the C2 sends back to the malware a list of addresses for each targeted application, and this information is stored inside an XML file. These targeted applications are managed through the communications between the malware and the C2.

Infection Mechanism:

The malware is distributed via smishing (phishing via SMS) attacks, like the Android App. Once the fake Android app is installed on the mobile phone, it sends/captures the list of all applications installed on the device and targets specific financial applications. The malware is capable of collecting keystrokes, stealing cookies, intercepting multi-factor authentication (MFA) tokens, taking screenshots and recording video from a webcam, performing gestures such as screen clicks and swipes using the Android accessibility service, copying and pasting, and even mimicking over 200 banking and payment applications. The malware can also encrypt all data on an Android phone and hold it to ransom. It is also capable of protecting itself from the victim's actions: for example, if the user tries to uninstall the malware from the settings or by pressing the icon, SOVA can intercept these actions and prevent them by returning to the home screen and showing a pop-up that displays "This app is secured".

Another method of duping the public is fraud via UPI. The fraudsters misuse the 'collect request' feature of UPI by sending fake payment requests with messages like 'Enter your UPI PIN' to receive money.

There are also fake helpline/customer care contact details: fake numbers of banks/e-wallet providers placed on webpages/social media are displayed by search engines, etc.

The Reserve Bank of India also made available an illustrative list of Early Warning Signals (EWS) which should alert bank officials about wrongdoings and frauds in loan accounts. Against the background of increasing incidences of fraud in general and in loan portfolios in particular, the Reserve Bank of India brought into force a systematic framework for fraud risk management in banks. The framework also provided the banks with a list containing some 45 early warning signals which should immediately put the bank on alert regarding a weakness or wrongdoing in a loan account that may ultimately turn out to be fraudulent. Individual banks may add other alerts/signals based on their experience, client profile, and business models. One or more early warning signals so compiled by a bank would form the basis for classifying an account as a Red Flagged Account (RFA). In case the account is classified as an RFA, the Fraud Monitoring Group (FMG) will act upon further investigations or remedial measures necessary to protect the bank's interest within a stipulated time, which cannot exceed six months. The bank, upon identifying the fraud, should also report the matter immediately to investigative agencies for instituting criminal proceedings against the fraudulent borrowers, besides reporting the same to the Reserve Bank as per the above framework. (Read: RBI RELEASES 45 EARLY WARNING SIGNALS ABOUT WRONGDOINGS/FRAUDS IN LOAN ACCOUNTS)

The Reserve Bank of India, given the rising incidents of fraud in the banking sector, asked individual banks to alert customers, based on their experience, to practice safe digital banking by taking all due precautions while carrying out any digital (online/mobile) banking/payment transactions.

Some of the important guidance given by individual banks to their customers is as follows.

1.  Never share your account details such as account number, login ID, password, PIN, UPI-PIN, OTP, ATM / Debit card/credit card details with anyone, not even with bank officials, however genuine they might sound.

2.  Any phone call/email threatening the blocking of your account on the pretext of non-updation of KYC and suggestion to click a link for updating the same is a common modus operandi of fraudsters. Do not respond to offers for obtaining KYC updated/expedited. Always access the official website of your bank / NBFC / e-wallet provider or contact the branch.

3.  Transactions involving receipt of money do not require scanning barcodes / QR codes or entering MPIN. Thus, exercise caution if asked to do so.

4.  Always access the official website of the bank / NBFC / e-wallet provider for contact details. Contact numbers on search engines may be fraudulent.

5.  If you receive an OTP for debiting your account for a transaction not initiated by you, inform your bank/e-wallet provider immediately. If you receive a debit SMS for a transaction not done, inform your bank/e-wallet provider immediately and block all modes of debit, including UPI. If you suspect any fraudulent activity in your account, check for any addition to the beneficiary list enabled for Internet / mobile banking.

6.  Regularly check your email and phone messages for alerts from your financial service provider. Report any unauthorized transaction observed to your bank / NBFC / Service provider immediately to block the card/account/wallet, to prevent any further losses.

7.  Secure your cards and set daily limits for transactions. You may also set limits and activate/deactivate for domestic/international use. This can limit loss due to fraud.

Reporting of Cyber Crime incidents/Unauthorised Transactions:

The customer should report the incident to his home branch so that necessary action may be initiated by the home branch regarding stop/hold/raising charge back for the reported transaction.

Simultaneously, the customer has to report to cyber police for investigation.

For online complaint registrations with cyber police: https://www.cybercrime.gov.in/

The National Cybercrime Helpline number in India is 1930. You can call this number to report financial cyber-crimes involving digital banking, credit and debit cards, payment intermediaries, and UPI. After filing a complaint by phone, you can complete it online at the Indian Cybercrime Coordination Centre (I4C) website.

Note: Complainants, who registered a complaint using the “Report & Track” option on the National Cyber Crime Reporting Portal, may contact the respective State/UT Nodal Officer or Grievance Officer if the response is inappropriate.

Published by
Surendra Naik
