Amid news of cyber criminals looting ₹1 crore from 81 Mumbaikars in 16 days through bank KYC, PAN scam, a new kind of online bank fraud has emerged where a fraudster would knowingly send money in your account using Google Pay or PhonePe gateway. After sending money in your bank account through Google Pay or PhonePe, the fraudster would ask you to repay the money posing as it has been send by mistake. In a good gesture, you would repay that ₹10 or ₹50 amount immediately to the callers Google Pay or PhonePe number and become a victim of malware attack.
On such online frauds are executed targeting Google Pay and PhonePe users, Pavan Duggal, a Delhi-based cybercrime expert said, “In this mix of malware plus human engineering scam, someone knowingly sends money to your account via Google Pay or PhonePe gateway and calls you posing that the money was sent in your account by mistake and requests that you send the money back to their number. If you send the money back, your account will be hacked.”
On how this phishing is executed, Pavan Duggal said, “When a Google Pay or PhonePe user repays the money, their entire data, including banking and other KYC documents like PAN, Aadhaar, etc. become available to the fraudster and these documents are enough to hack anybody’s bank account.”
Precaution for Google Pay, PhonePe users
Pavan Duggal, who is President at cyberlaw.com went on to add, “As I told earlier, this is a mix of malware phishing plus human engineering and hence anti-malware software are not going to safeguard Google Pay and PhonePe users from this online fraud. So, the best solution for Google Pay or PhonePe users is to just reply to such calls citing they asking their bank to look into the matter as the money deposited in their account has come by mistake.”