The number of cyber crimes in India could touch 3,00,000 in 2015
The next time you head to an automated teller machine (ATM) to withdraw money and spot a wad of chewing gum stuck to it, it might be time to raise a red flag.
With more people coming into the banking fold, fraudsters are turning increasingly innovative. Some use complex mechanisms to launch a phishing attack; others are relying on mere chewing gum to do the trick.
Sample this: A consumer went to withdraw Rs 400 from an ATM but later got an SMS that Rs 10,000 was debited from the account. A later look at the CCTV footage revealed that two other people near the machine had tampered with it – the annual report of the Reserve Bank of India's banking ombudsman scheme cited the example.
The method in this case was simple. One ATM machine was made temporarily non-operational with a chewing gum. The person walking in to withdraw money was directed to the adjacent ATM after the card had been swiped on it, as it wasn’t working. The man stationed inside the ATM would watch the PIN details being inserted, on the pretext of standing there and counting money. Once the card owner left, the transaction would be carried out on the machine made temporarily non-operational by the chewing gum.
Another instance when ATM fraud happens is when consumers forget to cancel a transaction at an ATM which might be slow in dispensing money. In this trick, the fraudster stationed near the kiosk might tell you the machine isn’t working after you have fed in the details. Most consumers forget to cancel the transaction if they don’t receive the money in a few minutes and walk away from the ATM; the money is then collected by the fraudster.
Data from the Banking Ombudsman Scheme (BOS), issued on Thursday by RBI, shows 18,474 complaints registered against ATM/debit/credit cards in 2013-14. In the previous year, there were 17,867 complaints in this regard.
Though banks station security guards at onsite ATMs, it is not mandatory for all offsite ones to have a guard. Bankers say several frauds happen at the latter.
“With an increase in the number of ATMs, the number of fraud cases has also gone up. It is also because cashless transactions have increased. With the rise in cost of running an ATM, it is not possible to have a security guard at each. That is why we try and educate consumers frequently via emails/msgs, etc,” said an executive at a private sector bank.
Another banker says with the increase in debit cards issues with regard to the Pradhan Mantri Jan Dhan Yojana, it is possible that fraud cases with regard to ATMs might rise. “First-time consumers who are not well versed with banking practices might be more susceptible. With the increase in the number of cards, with more than 10 crore accounts being opened under the scheme, an increase in fraud cases is possible. All the banks will have to ensure they are properly educated,” said another executive.
The spate of fraud in the online and mobile space has also increased with consumers choosing the digital way to transact. Free downloads of games and applications on the phone also end in compromising the security feature. An Assocham-Mahindra SSG study has cautioned that the number of cyber crimes in India could touch 3,00,000 in 2015, almost double the level of last year.
In fact, consumers’ data could be compromised by using free wi-fi on an unsecured network. “Consumers don’t generally realise that while using free wi-fi, they might be exposing their phone to a phishing attack. One should not do any financial transaction when on a wi-fi zone whose security you are not sure of,” said Kumar Karpe, head of TechProcess Payment Services.
He says in a survey they did a little over a year before, they had gathered that 40-45 per cent of consumers were comfortable sharing their Personal Identification Number (PIN), another common medium used by scamsters.
Experts say some fraudsters also set up a similar-looking website to that of existing lenders. As a result, consumers who are not very cautions while carrying out a transaction on the digital medium might get their data stolen.