Overwhelming majority of citizens, search customer care numbers on Google. Cyber criminals have started exploiting this habit of citizens to de-fraud people en masse. They create fake websites which list fake customer care, helpline or business related numbers, waiting to trap gullible victims.
Not only these criminals create fake websites but also invest a lot of time and effort on Search Engine Optimization (SEO) to ensure that their fake websites display in the first page of the search results. In some cases, the fraudulent websites may even appear at the top of the search results. It has been observed that, the higher the result in the Google SERPs, the higher is the degree of faith that people repose in them.
Thus, cyber criminals are laying trap for citizens searching for helpline numbers, in a very meticulous fashion. Once you call them, thinking it to a genuine helpline number, the fraudster has the most essential thing, he needs to de-fraud you – your trust. Hence, these fake phishing websites and number, provides higher success ratio to a fraudster vis-à-vis other cyber crime Modus Operandi.
Since, we have now understood the genesis of this type of fraud, let’s now delve deeper into it as explained below.
Steps in the Fraud:
Step 1: As explained above, fraudster create fake websites, displaying fraudulent customer care and helpline numbers, waiting to trap potential victims.
Step 2: Once the victims calls the fraudulent number, the fraudster offers free help. However, having your trust, he seeks confidential information as part of the helping process.
The kind of information sought depends on the type of the fake website and helpline service created.
For a fake Zomato customer care, the fraudster will send you a payment request on UPI. Then the fraudster will ask for UPI PIN to refund the money to your wallet/ account. However, it’s a collection request rather than payment, and the money will get deducted from your account after you share the UPI PIN.
Fraudster may also ask you to do any of the following:
Step 3: Once you share the sensitive information like OTP or UPI PIN or install any screen recorder app like Any Desk, the fraudster gains the information needed to perform bank transactions.
Step 4: Fraudster then transfers the money from your account to his, and then is nowhere to be found. He will reject your call, refuse to answer, block your number or switch off his phone. The fraudster may even abuse you.
In some cases, as victims notice money withdrawal from the account, they confront the fraudster. The conman then plays the trick again. He asks for forgiveness, says sorry and claims that money was deducted from the account by mistake.
He then sends the payment request and again seeks UPI PIN. This time the victim gets re-victimized. The process continues, until the victim realizes that he is getting duped again and again. Finally, the fraudster having realized that it’s no longer possible to de-fraud the victim, vanishes like puff of dust.
How to Protect:
Always remember the fact that you don't need to share UPI PIN or install an app for receiving money in your account. If someone seek confidential information or asks to install an app, immediately move away.
Few Real Life Examples:
What if Already Defrauded?
If you have already become victims of such crimes, learn here the procedure to report cyber crimes in India:
Also, learn the process for money refund here:
Fraudsters are using all the means possible to gain the trust of the citizens, following which they de-fraud them. You should always remain vigilant and suspicious and never share crucial information like UPI PIN, OTP, card details etc.